SQL Injection Flaw in IBM Maximo Asset Management and Other Products
CVE-2013-4016

Currently unrated

Key Information:

Vendor

IBM
Status
Change And Configuration Management Database
Maximo Service Desk
Tivoli Service Request Manager
Tivoli It Asset Management For It
Vendor
CVE Published:
26 May 2014

What is CVE-2013-4016?

A SQL injection vulnerability is present in various versions of IBM Maximo Asset Management, allowing remote authenticated users to execute arbitrary SQL commands. This occurs through maliciously crafted Birt report queries with plain text WHERE clauses, potentially leading to unauthorized data access and manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg21670870
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/85793
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg1IV41871
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.