What is CVE-2025-14684?

CVE-2025-14684 is a medium-severity vulnerability in Ibm Maximo Application Suite - Monitor Component, classified under Improper Output Neutralization for Logs. CVSS score: 4.0/10. Published 2026-03-25.

How severe is CVE-2025-14684?

Medium severity. CVSS v3 base score is 4.0 out of 10.

Vulnerability in Ibm Maximo Application Suite - Monitor Component

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

EPSS: 0.000 (0.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Ibm Maximo Application Suite - Monitor Component — versions 9.1, 9.0, 8.11

Weakness classification (CWE)

CWE-117 — Improper Output Neutralization for Logs

References

www.ibm.com/support/pages/node/7267481 (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-14684?: CVE-2025-14684 is a medium-severity vulnerability in Ibm Maximo Application Suite - Monitor Component, classified under Improper Output Neutralization for Logs. CVSS score: 4.0/10. Published 2026-03-25.
How severe is CVE-2025-14684?: Medium severity. CVSS v3 base score is 4.0 out of 10.