Cyber Resilience

CVE-2024-35148

Severity: Medium
Published: 25 January 2025
Modified: 08 July 2025
KEV Added: none (not listed in the CISA KEV catalog)
CVSS Score v3.1: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0011 (29.8th percentile)
Risk Priority: 13 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-35148 is a medium-severity SQL Injection (CWE-89) vulnerability in IBM Maximo Application Suite. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 29.8th percentile by EPSS exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-35148 is a SQL injection vulnerability (CWE-89) in the Monitor Component of IBM Maximo Application Suite versions 8.10.10, 8.11.7, and 9.0. Published on 2025-01-25, it carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L): medium severity, reachable over the network, low attack complexity, and requiring only low privileges.

A remote attacker with low-privileged access could exploit this vulnerability by sending specially crafted SQL statements to the affected Monitor Component. Successful exploitation would allow the attacker to view, add, modify, or delete information in the back-end database, resulting in limited impacts to confidentiality, integrity, and availability.

IBM has issued a security advisory at https://www.ibm.com/support/pages/node/7174952, which provides details on the vulnerability and recommended mitigation steps, including available patches for the affected versions.


Vulnerability details

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CWE(s)

CWE-89 SQL Injection

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in the network-accessible Monitor Component directly enables remote exploitation of a public-facing application, yielding limited read, write and delete access to the back-end database.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-36386 - Same product: IBM Maximo Application Suite
CVE-2025-36368 - Same vendor: IBM
CVE-2023-50316 - Same vendor: IBM
CVE-2025-13379 - Same vendor: IBM
CVE-2024-39750 - Same vendor: IBM
CVE-2026-9170 - Same vendor: IBM
CVE-2026-7876 - Same vendor: IBM
CVE-2024-41787 - Same vendor: IBM
CVE-2025-36365 - Same vendor: IBM
CVE-2026-9311 - Same vendor: IBM

Affected Assets

Vendor: IBM
Product: Maximo Application Suite
Versions: 8.10.10, 8.11.7, 9.0

Mitigating Controls (NIST 800-53 r5) [AI]

Prevent: SI-10 requires validation of all information inputs, directly preventing SQL injection by rejecting specially crafted malicious SQL statements in the Monitor Component.

Prevent: SI-2 mandates timely remediation of flaws, such as applying IBM's patches specifically issued for this SQL injection vulnerability in Maximo Application Suite.

Prevent: SI-9 restricts the types and quantities of information inputs, limiting the ability of attackers to submit oversized or malformed SQL payloads to the vulnerable Monitor Component.
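The SI-10 control above is abstract; the generic mechanism behind CWE-89 and its fix is easier to see in code. The following is an added example, not code from IBM or from the Maximo Monitor Component (whose internals the advisory does not describe). It uses an in-memory SQLite table with constructed rows as a stand-in for a back-end database and contrasts a string-spliced query with a parameterized one, then puts an allow-list input check (the SI-10 idea) in front of the parameterized query. Table, column and site names are all constructed.

```python
import sqlite3

# Constructed sample schema and rows standing in for a back-end monitoring table.
# This is not IBM's Maximo schema; the page does not describe it.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE devices (id INTEGER PRIMARY KEY, name TEXT, site TEXT)")
    conn.executemany(
        "INSERT INTO devices (name, site) VALUES (?, ?)",
        [("pump-01", "plant-a"), ("pump-02", "plant-a"), ("valve-07", "plant-b")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, site):
    # CWE-89 pattern: caller-controlled text is spliced into the statement, so the
    # database parses the input as SQL syntax instead of treating it as a value.
    sql = f"SELECT name FROM devices WHERE site = '{site}' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, site):
    # Hardened form: statement and value travel separately (bound parameter), so
    # the input can only ever match, or fail to match, the site column.
    sql = "SELECT name FROM devices WHERE site = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (site,))]


# Constructed allow-list of acceptable site identifiers (assumption for the example).
ALLOWED_SITES = {"plant-a", "plant-b"}


def lookup_validated(conn, site):
    # SI-10 style input validation in front of the parameterized query: anything
    # outside the expected value set is rejected before it reaches the database.
    if site not in ALLOWED_SITES:
        raise ValueError(f"rejected input: {site!r}")
    return lookup_parameterized(conn, site)


if __name__ == "__main__":
    conn = make_db()
    # Constructed input that closes the quoted literal and appends a tautology.
    crafted = "plant-b' OR '1'='1"
    print(lookup_vulnerable(conn, "plant-b"))    # ['valve-07']
    print(lookup_vulnerable(conn, crafted))      # every row in the table is returned
    print(lookup_parameterized(conn, crafted))   # [] : the input is just a site name
    try:
        lookup_validated(conn, crafted)
    except ValueError as exc:
        print(exc)                               # rejected before any query runs
```

The parameterized query alone removes the injection; the allow-list adds defence in depth and gives a clean point at which to log and alert on rejected input, which is what makes SI-10 useful for detection as well as prevention.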
