← back
CVE-2025-14684

IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .

CVSS 4 MEDIUMEPSS 0.1%CWE-117
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
25 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected products
IBM · Maximo Application Suite - Monitor Component

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.ibm.com/support/pages/node/7267481