CVE-2024-35148

6.3 MEDIUM

📋 TL;DR

This SQL injection vulnerability in IBM Maximo Application Suite's Monitor Component allows remote attackers to execute arbitrary SQL commands. Successful exploitation could enable attackers to read, modify, or delete database information. Organizations running affected versions of IBM Maximo Application Suite are at risk.

💻 Affected Systems

Products:
  • IBM Maximo Application Suite
Versions: 8.10.10, 8.11.7, 9.0
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the Monitor Component of IBM Maximo Application Suite

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of the back-end database, including data theft, data manipulation, or deletion of critical business information

🟠 Likely Case: Unauthorized data access and potential data exfiltration from the Maximo database

🟢 If Mitigated: Limited impact if proper input validation and database permissions are in place

🌐 Internet-Facing: HIGH - Remote attackers can exploit this vulnerability without authentication
🏢 Internal Only: HIGH - Internal attackers or compromised systems could exploit this vulnerability

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are typically easy to exploit with readily available tools

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply fixes as specified in IBM Security Bulletin

Vendor Advisory: https://www.ibm.com/support/pages/node/7174952

Restart Required: Yes

Instructions:

1. Review IBM Security Bulletin
2. Apply recommended patches
3. Restart affected services
4. Verify patch installation

🔧 Temporary Workarounds

Input Validation Enhancement (all)

Implement strict input validation and parameterized queries for Monitor Component endpoints

Network Segmentation (all)

Restrict network access to Maximo Application Suite Monitor Component

🧯 If You Can't Patch

  • Implement web application firewall (WAF) with SQL injection rules
  • Restrict database user permissions to minimum required access

🔍 How to Verify

Check if Vulnerable:

Check IBM Maximo Application Suite version against affected versions (8.10.10, 8.11.7, 9.0)

Check Version:

Check Maximo version through administrative interface or configuration files

Verify Fix Applied:

Verify patch installation and test Monitor Component functionality

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL query patterns in database logs
  • Multiple failed login attempts with SQL-like payloads

Network Indicators:

  • Unusual traffic patterns to Monitor Component endpoints
  • SQL-like payloads in HTTP requests

SIEM Query:

search 'SQL' OR 'injection' in web server logs for Maximo Monitor endpoints
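The SIEM query above is only a sketch; the following is an added example (not part of the advisory or IBM's tooling) that applies the same idea to web server access logs: URL-decode each request, keep only those aimed at the Monitor Component, and flag SQL-like payloads. The `/monitor/` path prefix and the sample log lines are constructed assumptions, since the advisory names no endpoints.

```python
import re
from urllib.parse import unquote_plus

# Assumed path prefix for Monitor Component endpoints (placeholder: the
# advisory does not list real paths, and they vary by deployment).
MONITOR_PREFIX = "/monitor/"

# Triage indicators for SQL-like payloads in requests; a match is a lead
# for investigation, not proof of exploitation.
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\s+[\w']+\s*=\s*[\w']+", re.I),  # ' OR '1'='1
    re.compile(r"\bunion\b\s+(all\s+)?\bselect\b", re.I),     # UNION SELECT
    re.compile(r"(--|/\*)"),                                  # SQL comment
    re.compile(r";\s*(drop|delete|update|insert)\b", re.I),   # stacked query
    re.compile(r"\b(sleep|waitfor|benchmark)\s*\(", re.I),    # time-based
]

# Common Log Format: host ident user [time] "METHOD path HTTP/x" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

def scan_line(line):
    """Return (client, decoded_path, pattern) for a Monitor request carrying
    an SQL-like payload, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, _ts, _method, raw_path, _status = m.groups()
    path = unquote_plus(raw_path)  # reveal %27 / + encoded quotes and spaces
    if not path.lower().startswith(MONITOR_PREFIX):
        return None
    for pat in SQLI_PATTERNS:
        if pat.search(path):
            return (client, path, pat.pattern)
    return None

def scan_log(lines):
    return [hit for hit in (scan_line(l) for l in lines) if hit]

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2025:10:00:01 +0000] "GET /monitor/api/devices?id=42 HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2025:10:00:02 +0000] "GET /monitor/api/devices?id=42%27%20OR%20%271%27%3D%271 HTTP/1.1" 500 0',
    '10.0.0.9 - - [01/Jan/2025:10:00:03 +0000] "GET /monitor/api/devices?id=1+UNION+SELECT+a,b+FROM+t-- HTTP/1.1" 200 900',
    '10.0.0.7 - - [01/Jan/2025:10:00:04 +0000] "GET /other/app?q=select+all HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for client, path, pattern in scan_log(SAMPLE_LOG):
        print(f"{client} -> {path!r} matched {pattern}")
```

Requests outside the Monitor prefix are ignored, so tune `MONITOR_PREFIX` to the deployment's actual paths before running it over production logs.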
