NVD

Id
11155  
Name
CVE-2011-4816  
Description
SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2012-03-12  
Modified Date
2012-03-13  
Seq
2011-4816  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
61836 11155 CVE-2011-4816 IV09194  View
61837 11155 CVE-2011-4816 http://www.ibm.com/support/docview.wss?uid=swg21584666  View
61838 11155 CVE-2011-4816 maximo-kpi-sql-injection(72001)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
26041 JVNDB-2012-001748 複数の IBM 製品 の KPI コンポーネントにおける SQL インジェクションの脆弱性 複数の IBM Maximo および IBM Tivoli 製品 の KPI コンポーネントには、SQL インジェクションの脆弱性が存在します。 CVE-2011-4816 52723 CVE-2011-4816 11155 6.5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001748.html 2012-02-14 2012-03-14 View