CVE-2025-14684 MEDIUM

CVE-2025-14684: IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .

Vendor Ibm
Product Maximo Application Suite - Monitor Component
Weakness CWE-117
Published March 25, 2026
Last update March 28, 2026

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

Key dates

02Disclosure timeline

March 25, 2026 CVE published
March 28, 2026 Record updated