CVE-2022-35281

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-35281
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/230635 VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6852669 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/230635 VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6852669 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:maximo_application_suite:8.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_application_suite:8.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:*
History

21 Nov 2024, 07:11

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/230635 - VDB Entry, Vendor Advisory () https://exchange.xforce.ibmcloud.com/vulnerabilities/230635 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/6852669 - Vendor Advisory () https://www.ibm.com/support/pages/node/6852669 - Vendor Advisory
Summary
  • (es) IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 y la aplicación IBM Maximo Manage 8.3, 8.4 en IBM Maximo Application Suite son vulnerables a la inyección CSV. ID de IBM X-Force: 2306335.
CVSS v2 : unknown
v3 : 8.8 		v2 : unknown
v3 : 5.5

07 Nov 2023, 03:48

Type Values Removed Values Added
Summary IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335. IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335.
Information

Published : 2023-01-09 08:15

Updated : 2024-11-21 07:11

NVD link : CVE-2022-35281

Mitre link : CVE-2022-35281

CVE.ORG link : CVE-2022-35281

JSON object : View

Products Affected

ibm

  • maximo_asset_management
  • maximo_application_suite
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024