4
CVE-2025-14684
- EPSS 0.01%
- Veröffentlicht 25.03.2026 21:22:44
- Zuletzt bearbeitet 31.03.2026 20:20:07
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Maximo Application Suite Version >= 8.10 < 8.10.26
Ibm ≫ Maximo Application Suite Version >= 8.11 < 8.11.24
Ibm ≫ Maximo Application Suite Version >= 9.0 < 9.0.16
Ibm ≫ Maximo Application Suite Version >= 9.1 < 9.1.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.002 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| psirt@us.ibm.com | 4 | 2.5 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
CWE-117 Improper Output Neutralization for Logs
The product does not neutralize or incorrectly neutralizes output that is written to logs.