CVE-2025-14684 | THREATINT

Description

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

PUBLISHED Reserved 2025-12-13 | Published 2026-03-25 | Updated 2026-03-28 | Assigner ibm

MEDIUM: 4.0CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Problem types

CWE-117 Improper Output Neutralization for Logs

Product status

9.1

affected

9.0

affected

8.11

affected

8.10

affected

References

www.ibm.com/support/pages/node/7267481 vendor-advisory patch

cve.org (CVE-2025-14684)

nvd.nist.gov (CVE-2025-14684)

Download JSON