CVE-2013-0451

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Published: Oct 1, 2013
Updated: Nov 9, 2025
CVE: CVE-2013-0451
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
ibm / maximo_asset_management	6.2.6.1	6.2.6.1.x
ibm / maximo_asset_management	6.2.5	6.2.5.x
ibm / maximo_asset_management	6.2.4	6.2.4.x
ibm / maximo_asset_management	6.2.2	6.2.2.x
ibm / maximo_asset_management	6.2.6	6.2.6.x
ibm / maximo_asset_management	6.2.8	6.2.8.x
ibm / maximo_asset_management	6.2.3	6.2.3.x
ibm / maximo_asset_management	6.2	6.2.x
ibm / maximo_asset_management	6.2.1	6.2.1.x
ibm / maximo_asset_management	6.2.7	6.2.7.x
ibm / maximo_asset_management	7.1.1.5	7.1.1.5.x
ibm / maximo_asset_management	7.1.1.7	7.1.1.7.x
ibm / maximo_asset_management	7.1.1.10	7.1.1.10.x
ibm / maximo_asset_management	7.1.1.8	7.1.1.8.x
ibm / maximo_asset_management	7.1.1.12	7.1.1.12.x
ibm / maximo_asset_management	7.1.1.9	7.1.1.9.x
ibm / maximo_asset_management	7.1.1.2	7.1.1.2.x
ibm / maximo_asset_management	7.1.1.11	7.1.1.11.x
ibm / maximo_asset_management	7.1	7.1.x
ibm / maximo_asset_management	7.1.1.6	7.1.1.6.x
ibm / maximo_asset_management	7.1.1	7.1.1.x
ibm / maximo_asset_management	7.1.1.1	7.1.1.1.x

Vulnerability Database

309,540

CVE-2013-0451

Deep Security Visibility Without the Complexity