SQL Injection Vulnerability in IBM Maximo Asset Management by IBM
CVE-2012-0727

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Asset Management For It; Smartcloud Control Desk; Change And Configuration Management Database; Maximo Asset Management
Vendor: CVE Published:; 10 September 2012

Summary

An SQL injection vulnerability exists in IBM Maximo Asset Management 7.5, affecting various IBM products, which can be exploited by remote authenticated users. This flaw permits attackers to execute arbitrary SQL commands through unspecified vectors, potentially leading to unauthorized access and manipulation of critical data across the affected systems.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV17963

vendor-advisoryx_refsource_AIXAPAR

http://secunia.com/advisories/50551

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/74306

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 10, 2012
Vulnerability Reserved
Jan 17, 2012