Platform
ibm
Component
maximo-asset-management
Fixed in
7.6.2
CVE-2025-2987 describes a server-side request forgery (SSRF) vulnerability in IBM Maximo Asset Management. An authenticated attacker can cause the application to issue requests on their behalf, reaching resources the attacker cannot contact directly or using the server as a pivot for further attacks. The vulnerability affects version 7.6.1.3; a fix is available in version 7.6.2.
The flaw lets an authenticated user steer the application into making requests to arbitrary internal or external destinations. Because the requests originate from the Maximo server, they can be used to enumerate internal services and their configurations, and to reach hosts behind firewalls or in network segments that are unreachable from the attacker's own position. The published CVSS severity is low, but in flat or complex internal networks the potential for lateral movement and data exposure makes it worth prioritising: depending on what the server can reach, successful exploitation could expose databases, configuration endpoints, cloud instance-metadata services or other internal assets.
CVE-2025-2987 was publicly disclosed on April 21, 2025. At the time of writing there is no indication of active exploitation, the vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, and no public proof-of-concept exploit is widely available. SSRF flaws are generally straightforward to weaponise once the vulnerable endpoint is known, so the absence of a public exploit should not be relied on.
Exploit Status
EPSS
0.12% (31st percentile)
The primary mitigation for CVE-2025-2987 is to upgrade IBM Maximo Asset Management to version 7.6.2 or later, which contains the fix. If an immediate upgrade is not feasible, reduce what a successful SSRF can reach: segment the network so the Maximo server can only connect to the hosts and ports it needs, apply an egress allow-list (host firewall or outbound proxy) on the server itself, and explicitly block link-local and cloud instance-metadata addresses if the system is cloud-hosted. A WAF inspects inbound requests and does not stop the server's own outbound connections, so egress filtering is what limits the impact here. Since exploitation requires authentication, restrict the affected functionality to accounts that need it. Monitor outbound connections from the Maximo server for destinations outside the expected set, particularly internal addresses and metadata endpoints.
Update IBM Maximo Asset Management to a version that addresses the SSRF vulnerability. Refer to the IBM security bulletin for the fixed version and update instructions, and apply security updates promptly.
CVE-2025-2987 is a server-side request forgery vulnerability in IBM Maximo Asset Management allowing authenticated users to send unauthorized requests, potentially exposing internal resources.
You are affected if you are running IBM Maximo Asset Management version 7.6.1.3. Upgrade to 7.6.2 or later to mitigate the risk.
Upgrade to IBM Maximo Asset Management version 7.6.2 or later. Use network segmentation and egress filtering from the Maximo server as interim measures.
There is currently no confirmed evidence of active exploitation, but SSRF flaws are generally easy to weaponise once the affected endpoint is known, so future attacks are plausible.
Refer to the official IBM Security Bulletin for details and further guidance: [https://www.ibm.com/support/kbdoc/firstdoc?docid=instance/common/sb129850]