CVE-2017-1352
CVE-2017-1352
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Sep 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
Affected products
IBM · Maximo Asset Management