Sql injection

2012-09-1017:55:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.2%

JSON

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
change_and_configuration_management_databaseeq7.0
change_and_configuration_management_databaseeq6.0
maximo_asset_managementeq6.2.0.0
maximo_asset_managementeq7.5.0.0
maximo_asset_managementeq7.1.0.0
maximo_service_deskeq6.2
smartcloud_control_deskeq7.0
tivoli_asset_management_for_iteq7.0
tivoli_asset_management_for_iteq7.2
tivoli_asset_management_for_iteq7.1

Name	Operator	Version
change_and_configuration_management_database	eq	7.0
change_and_configuration_management_database	eq	6.0
maximo_asset_management	eq	6.2.0.0
maximo_asset_management	eq	7.5.0.0
maximo_asset_management	eq	7.1.0.0
maximo_service_desk	eq	6.2
smartcloud_control_desk	eq	7.0
tivoli_asset_management_for_it	eq	7.0
tivoli_asset_management_for_it	eq	7.2
tivoli_asset_management_for_it	eq	7.1