PT-2025-15047 · Ibm · Ibm Maximo Application Suite
Kapil Khot
·
Published
2025-04-05
·
Updated
2025-07-08
·
CVE-2025-1500
CVSS v3.1
8.0
High
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Maximo Application Suite version 9.0
Description
The issue allows an authenticated user to upload a file with dangerous types that could be executed by another user if opened.
Recommendations
For IBM Maximo Application Suite version 9.0, consider restricting file upload capabilities to prevent the upload of dangerous file types until a fix is available. As a temporary workaround, limit access to file uploads to trusted users and ensure that all uploaded files are thoroughly scanned for malicious content.
Fix
LPE
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Maximo Application Suite