EUVD-2025-209038

| CVE-2025-14684 MEDIUM
2026-03-25 ibm
4.0
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Mar 25, 2026 - 21:32 euvd
EUVD-2025-209038
Analysis Generated
Mar 25, 2026 - 21:32 vuln.today
Patch Released
Mar 25, 2026 - 21:32 nvd
Patch available
CVE Published
Mar 25, 2026 - 21:22 nvd
MEDIUM 4.0

Tags

IBM Authentication Bypass

Description

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

Analysis

IBM Maximo Application Suite Monitor Component versions 8.10, 8.11, 9.0, and 9.1 contain an improper neutralization vulnerability in log file handling that allows unauthorized users to inject arbitrary data into log messages. An attacker with local access can manipulate log entries to inject malicious content, potentially leading to log tampering and integrity compromise. While the CVSS score of 4.0 reflects low severity with no confidentiality or availability impact, the vulnerability requires no authentication or special privileges, making it a concern for environments with local access controls.

Technical Context

This vulnerability (CWE-117: Improper Neutralization of Input During Web Page Generation or Log Entry) stems from inadequate input sanitization when writing data to log files in the Monitor component of Maximo Application Suite. The affected products span versions 8.10 through 9.1 as indicated by the CPE (cpe:2.3:a:ibm:maximo_application_suite_-_monitor_component). CWE-117 specifically addresses cases where special characters or control sequences are not properly escaped before being written to logs, allowing attackers to inject log entries that appear legitimate or inject control sequences to manipulate log file parsing. This is distinct from log injection in web applications but follows similar principles where unvalidated user input flows directly into log output streams without proper encoding or filtering.

Affected Products

IBM Maximo Application Suite Monitor Component is affected in versions 8.10, 8.11, 9.0, and 9.1. The vulnerability is confirmed through CPE identifier cpe:2.3:a:ibm:maximo_application_suite_-_monitor_component. A patch is available from the vendor. Organizations running Maximo Application Suite should consult the IBM security advisory at https://www.ibm.com/support/pages/node/7267481 to verify their specific deployment versions and download the appropriate security updates.

Remediation

Apply the security patch provided by IBM for Maximo Application Suite Monitor Component via the vendor advisory at https://www.ibm.com/support/pages/node/7267481. Affected users should upgrade to the patched version applicable to their deployment (versions 8.10, 8.11, 9.0, or 9.1). Until patches can be deployed, restrict local access to systems running Maximo Monitor component to authorized personnel only, enforce strong access controls on the underlying operating system, and monitor log files for suspicious injection attempts such as control characters or unexpected entries. Additionally, implement centralized log aggregation with integrity checks to detect tampering.

Priority Score

20
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +20
POC: 0

Share

EUVD-2025-209038 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy