Vulnerabilities > CVE-2021-20443 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in IBM Maximo for Civil Infrastructure 7.6.2

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
ibm
CWE-829
NVD
Published: 2021-02-18
Updated: 2021-02-22

Summary

IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.

Vulnerable Configurations

Part Description Count
Application
Ibm
1
OS
Linux
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)

References