CVE-2014-3025

EPSS 0.21% · P43 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-3025

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.2, and 7.2 for Tivoli Asset Management for IT and certain other products allow remote authenticated users to inject arbitrary web script or HTML via unspecified input to a .jsp file under webclient/utility/.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款IBM产品跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

IBM Maximo Asset Management等都是美国IBM公司的产品。IBM Maximo Asset Management for SmartCloud Control Desk（SCCD）是一套用于资产和服务管理解决方案（SCCD）中的综合性资产生命周期和维护管理软件。Maximo Asset Management for Tivoli Asset Management for IT是一套IT资产管理解决方案。多款IBM产品中存在跨站脚本漏洞，该漏洞源于webclient/utility

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-3025

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-3025

请登录查看更多情报信息。

http://www-01.ibm.com/support/docview.wss?uid=swg21678754x_refsource_CONFIRM
http://secunia.com/advisories/59640third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/59570third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/93064vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2014-3025

Same Patch Batch · n/a · 2014-07-30 · 6 CVEs total

CVE-2014-5117		Tor 安全漏洞
CVE-2014-0914		多款IBM产品跨站脚本漏洞
CVE-2014-0915		多款IBM产品跨站脚本漏洞
CVE-2014-0947		IBM Rational Software Architect Design Manager 安全漏洞
CVE-2014-0948		IBM Rational Software Architect Design Manager和Rational Rhapsody Design Manager 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-3025

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-3025

I. Basic Information for CVE-2014-3025

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-3025

III. Intelligence Information for CVE-2014-3025

Same Patch Batch · n/a · 2014-07-30 · 6 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-3025

Leave a comment