← Volver a CVEs
CVE-2017-1352
N/ADescripcion
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado9/12/2017
Ultima modificacion4/20/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
ibm:maximo_asset_management
Debilidades (CWE)
CWE-77
Referencias
http://www.ibm.com/support/docview.wss?uid=swg22006650(psirt@us.ibm.com)
http://www.securityfocus.com/bid/100697(psirt@us.ibm.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/126538(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=swg22006650(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/100697(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/126538(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.