High Severity

Security Bulletin: IBM Maximo Asset Management is vulnerable to CSV Injection (CVE-2021-20509)

Share this post:

IBM Maximo Asset Management is vulnerable to CSV Injection.

CVE(s): CVE-2021-20509

Affected product(s) and affected version(s):

This vulnerability affects the following versions of the IBM Maximo Asset Management core product.  Older versions of Maximo Asset Management may be impacted. The recommended action is to update to the latest version.

Maximo Asset Management core product versions affected:

Affected Product(s) Version(s)
IBM Maximo Asset Management 7.6.0.x
IBM Maximo Asset Management 7.6.1.x

* To determine the core product version, log in and view System Information. The core product version is the "Tivoli's process automation engine" version. Please consult the Product Coexistence Matrix for a list of supported product combinations.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6480377
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198243

More stories

Security Bulletin: A vulnerability in Spring Framework affects IBM Watson Machine Learning Accelerator

Oct 15, 2021 8:01 pm EDT | High Severity

A vulnerability exists in Spring Framework version used by IBM Watson Machine Learning Accelerator. Spring framework upgrade to version 5.2.15 which resolves these vulnerabilities, is available on IBM Fix Central. ...read more


Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities

Oct 15, 2021 8:00 pm EDT | High Severity

IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities with details below ...read more


Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Go vulnerabilities

Oct 15, 2021 8:00 pm EDT | High Severity

IBM Cloud Pak for Integration is vulnerable to multiple Go vulnerabilities with details of each below ...read more