Platform
ibm
Component
maximo-asset-management
Fixed in
7.6.2
CVE-2025-2987 describes a server-side request forgery (SSRF) vulnerability affecting IBM Maximo Asset Management. The flaw allows an authenticated attacker to make the application server issue requests on their behalf, potentially exposing internal resources or facilitating further attacks. The vulnerability impacts versions 7.6.1.3 through 7.6.1.3, and a fix is available in version 7.6.2.
The SSRF vulnerability in IBM Maximo Asset Management allows an authenticated attacker to use the application as a proxy for requests to internal or external resources that the attacker could not reach directly. This can be exploited for network enumeration, revealing internal services and their configurations. An attacker could potentially use it to access sensitive data stored on internal servers or to launch further attacks against other systems within the network. While the CVSS score is LOW, the potential for lateral movement and data exposure should not be underestimated, especially in environments with complex internal network architectures.
CVE-2025-2987 is not currently listed on the CISA KEV catalog. Public proof-of-concept (PoC) code is not widely available as of the publication date. The vulnerability's LOW CVSS score suggests a lower probability of widespread exploitation, but the potential for targeted attacks remains. The vulnerability was publicly disclosed on April 21, 2025.
Organizations heavily reliant on IBM Maximo Asset Management for asset lifecycle management are at risk. Environments with complex internal networks and limited network segmentation are particularly vulnerable, as the SSRF vulnerability could be leveraged for lateral movement and data exfiltration. Those using older, unpatched versions of Maximo Asset Management are also at increased risk.
• java / server:
  ps -ef | grep "Maximo Asset Management"
• java / server:
  journalctl -u MaximoAssetManagement -f | grep "Server-side request forgery"
• generic web:
  curl -I <maximo_asset_management_url>/<potentially_malicious_url>
• generic web:
  grep -r "http://internal.example.com" /var/log/apache2/access.log
Disclosure
Exploit status
EPSS
0.12% (31st percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-2987 is to upgrade IBM Maximo Asset Management to version 7.6.2 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing network segmentation to restrict the application's access to sensitive internal resources. Web Application Firewalls (WAFs) configured with rules to block suspicious outbound requests can also provide a layer of defense. Monitor network traffic for unusual outbound connections originating from the Maximo Asset Management server.
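Two of the interim measures above, restricting what the application may fetch and watching its outbound traffic, can be illustrated with a small Python example. This is added here as an illustration and is not IBM code or a description of how Maximo performs outbound requests; the allowlisted hostnames, the resolver table, the Maximo server address 10.20.0.15 and the egress-log format are all constructed for the example. The checks generalize beyond this CVE: a hostname allowlist plus a check of every resolved address (including IPv4-mapped IPv6) is the standard SSRF defense, and the same predicate can be reused to triage egress-proxy logs for the "unusual outbound connections" the text recommends monitoring.

```python
"""SSRF destination validation and egress-log triage (hypothetical example,
not IBM Maximo code). Run with: python3 ssrf_guard.py"""
import ipaddress
from urllib.parse import urlsplit

# Hypothetical allowlist of hosts the application is expected to call out to.
ALLOWED_HOSTS = {"erp.example.com", "reports.example.com", "legacy.example.com"}

# Constructed resolver table so the example runs offline. A real deployment
# would use socket.getaddrinfo() and must check EVERY returned address, as
# below, because an allowlisted name can be pointed at an internal address.
FAKE_DNS = {
    "erp.example.com": ["93.184.216.34"],
    "reports.example.com": ["93.184.216.35"],
    "legacy.example.com": ["93.184.216.36", "10.0.0.5"],  # one internal answer
}

def is_internal(ip_text: str) -> bool:
    """True for any address class an SSRF payload typically targets."""
    ip = ipaddress.ip_address(ip_text)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 checks apply.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)

def check_outbound_url(url: str, resolver=FAKE_DNS) -> tuple:
    """Return (allowed, reason). Only http(s) to an allowlisted hostname
    whose every resolved address is non-internal is permitted."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not permitted: {parts.scheme!r}"
    host = parts.hostname
    if host is None:
        return False, "no host in URL"
    if parts.username is not None:
        return False, "credentials in URL (user@host form)"
    # Literal addresses are never allowed: allowlisting by name also defeats
    # decimal, octal and other alternative IP encodings.
    try:
        ipaddress.ip_address(host)
        return False, "literal IP address not permitted"
    except ValueError:
        pass
    host = host.lower()
    if host not in ALLOWED_HOSTS:
        return False, f"host not on allowlist: {host}"
    addrs = resolver.get(host, [])
    if not addrs:
        return False, "host does not resolve"
    for addr in addrs:
        if is_internal(addr):
            return False, f"{host} resolves to internal address {addr}"
    return True, "ok"

# Constructed egress-proxy log: "<ts> <src_ip> <method> <url> <status>".
SAMPLE_EGRESS_LOG = """\
2025-04-22T10:01:02Z 10.20.0.15 GET https://erp.example.com/api/assets 200
2025-04-22T10:01:09Z 10.20.0.15 GET http://169.254.169.254/latest/meta-data/ 403
2025-04-22T10:02:11Z 10.20.0.15 GET http://10.20.0.1:8080/console 200
2025-04-22T10:02:40Z 10.20.0.99 GET https://reports.example.com/run 200
2025-04-22T10:03:05Z 10.20.0.15 GET http://legacy.example.com/ 502
"""

MAXIMO_HOST = "10.20.0.15"  # assumed address of the Maximo server

def suspicious_egress(log_text: str, src: str = MAXIMO_HOST) -> list:
    """Return the requests from the Maximo host that fail the outbound check."""
    hits = []
    for line in log_text.splitlines():
        ts, src_ip, _method, url, _status = line.split()
        if src_ip != src:
            continue
        allowed, reason = check_outbound_url(url)
        if not allowed:
            hits.append(f"{ts} {url} ({reason})")
    return hits

if __name__ == "__main__":
    for hit in suspicious_egress(SAMPLE_EGRESS_LOG):
        print(hit)
```

Run against the constructed log, the script flags three requests from the Maximo host (the cloud-metadata address, an internal admin port, and an allowlisted name that resolves to an internal address) and ignores the allowed ERP call and the request from a different host. The key design choice is to validate the resolved address rather than the URL text alone; a check on the hostname string would have passed the legacy.example.com request.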
Update IBM Maximo Asset Management to a version in which the SSRF vulnerability has been fixed. Consult the IBM advisory for the corrected version and specific update instructions. Apply security updates as soon as possible.
CVE-2025-2987 is a server-side request forgery vulnerability in IBM Maximo Asset Management allowing authenticated users to send unauthorized requests, potentially exposing internal resources.
You are affected if you are running IBM Maximo Asset Management versions 7.6.1.3–7.6.1.3. Upgrade to 7.6.2 or later to mitigate the risk.
Upgrade to IBM Maximo Asset Management version 7.6.2 or later. Implement network segmentation and input validation as interim measures.
There is currently no confirmed evidence of active exploitation, but the SSRF nature of the vulnerability suggests potential for future attacks.
Refer to the official IBM Security Bulletin for details and further guidance: [https://www.ibm.com/support/kbdoc/firstdoc?docid=instance/common/sb129850]