← Voltar para CVEs
CVE-2017-1352
N/ADescricao
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado9/12/2017
Ultima modificacao4/20/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
ibm:maximo_asset_management
Fraquezas (CWE)
CWE-77
Referencias
http://www.ibm.com/support/docview.wss?uid=swg22006650(psirt@us.ibm.com)
http://www.securityfocus.com/bid/100697(psirt@us.ibm.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/126538(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=swg22006650(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/100697(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/126538(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.