IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/230635 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6852669 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:48
Type | Values Removed | Values Added |
---|---|---|
Summary | IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335. |
12 Jan 2023, 20:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ibm:maximo_application_suite:8.4:*:*:*:*:*:*:* cpe:2.3:a:ibm:maximo_asset_management:7.6.1.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:maximo_asset_management:7.6.1.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:maximo_application_suite:8.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:* |
|
References | (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/230635 - VDB Entry, Vendor Advisory | |
References | (MISC) https://www.ibm.com/support/pages/node/6852669 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Ibm
Ibm maximo Asset Management Ibm maximo Application Suite |
09 Jan 2023, 12:40
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-09 08:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-35281
Mitre link : CVE-2022-35281
CVE.ORG link : CVE-2022-35281
JSON object : View
Products Affected
ibm
- maximo_application_suite
- maximo_asset_management
CWE
CWE-1236
Improper Neutralization of Formula Elements in a CSV File