What is the severity of CVE-2012-0728?

CVE-2012-0728 has a medium severity level, indicating a moderate risk to the affected systems.

How do I fix CVE-2012-0728?

To fix CVE-2012-0728, apply the security patches provided by IBM for your affected software version.

Which IBM products are affected by CVE-2012-0728?

CVE-2012-0728 affects IBM Maximo Asset Management versions 7.1 to 7.5, IBM Tivoli Asset Management for IT, IBM SmartCloud Control Desk, and others.

Can unauthenticated users exploit CVE-2012-0728?

No, CVE-2012-0728 can only be exploited by remote authenticated users.

What type of vulnerability is CVE-2012-0728?

CVE-2012-0728 is an SQL injection vulnerability allowing attackers to execute arbitrary SQL queries.

Vulnerability/
CVE-2012-0728

medium

6.5

CWE

10/9/2012

6/8/2024

CVE-2012-0728: SQL Injection

First published: Mon Sep 10 2012(Updated: )

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Tivoli Change and Configuration Management Database	=6.0
IBM Tivoli Change and Configuration Management Database	=7.0
IBM Maximo Asset Management	=7.1.0.0
IBM Maximo Asset Management	=7.5.0.0
IBM Maximo Service Desk	=6.2
IBM Control Desk	=7.0
IBM Tivoli IT Asset Management for IT	=6.0
IBM Tivoli IT Asset Management for IT	=6.2
IBM Tivoli IT Asset Management for IT	=7.0
IBM Tivoli IT Asset Management for IT	=7.1
IBM Tivoli IT Asset Management for IT	=7.2
Ibm Tivoli Service Request Manager	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-0728?
CVE-2012-0728 has a medium severity level, indicating a moderate risk to the affected systems.
How do I fix CVE-2012-0728?
To fix CVE-2012-0728, apply the security patches provided by IBM for your affected software version.
Which IBM products are affected by CVE-2012-0728?
CVE-2012-0728 affects IBM Maximo Asset Management versions 7.1 to 7.5, IBM Tivoli Asset Management for IT, IBM SmartCloud Control Desk, and others.
Can unauthenticated users exploit CVE-2012-0728?
No, CVE-2012-0728 can only be exploited by remote authenticated users.
What type of vulnerability is CVE-2012-0728?
CVE-2012-0728 is an SQL injection vulnerability allowing attackers to execute arbitrary SQL queries.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/author
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm tivoli change and configuration management database
version/ibm tivoli change and configuration management database/6.0
version/ibm tivoli change and configuration management database/7.0
canonical/ibm maximo asset management
version/ibm maximo asset management/7.1.0.0
version/ibm maximo asset management/7.5.0.0
canonical/ibm maximo service desk
version/ibm maximo service desk/6.2
canonical/ibm control desk
version/ibm control desk/7.0
canonical/ibm tivoli it asset management for it
version/ibm tivoli it asset management for it/6.0
version/ibm tivoli it asset management for it/6.2
version/ibm tivoli it asset management for it/7.0
version/ibm tivoli it asset management for it/7.1
version/ibm tivoli it asset management for it/7.2
canonical/ibm tivoli service request manager
version/ibm tivoli service request manager/7.0