CVE-2013-3973

SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.4:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.11:*:*:*:*:*:*:*

History

21 Nov 2024, 01:54

Type Values Removed Values Added
References () http://secunia.com/advisories/55068 - () http://secunia.com/advisories/55068 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg1IV39184 - () http://www-01.ibm.com/support/docview.wss?uid=swg1IV39184 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg21651085 - Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21651085 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/84850 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/84850 -

Information

Published : 2013-10-01 11:14

Updated : 2024-11-21 01:54


NVD link : CVE-2013-3973

Mitre link : CVE-2013-3973

CVE.ORG link : CVE-2013-3973


JSON object : View

Products Affected

ibm

  • maximo_asset_management
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')