CVE-2025-14684

EUVD-2025-209038
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmmaximo_application_suite
8.10 ≤
𝑥
< 8.10.26
ibmmaximo_application_suite
8.11 ≤
𝑥
< 8.11.24
ibmmaximo_application_suite
9.0 ≤
𝑥
< 9.0.16
ibmmaximo_application_suite
9.1 ≤
𝑥
< 9.1.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7267481