Vulnerability Description
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 182396.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Maximo Asset Management | >= 7.6.0, < 7.6.0.10 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/182396VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6332587PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/182396VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6332587PatchVendor Advisory
FAQ
What is CVE-2020-4521?
CVE-2020-4521 is a vulnerability with a CVSS score of 8.8 (HIGH). IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-craft...
How severe is CVE-2020-4521?
CVE-2020-4521 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-4521?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Maximo Asset Management.