Vulnerabilities > IBM > Maximo Anywhere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-16 | CVE-2019-4291 | Inadequate Encryption Strength vulnerability in IBM Maximo Anywhere 7.6.4.0 IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. | 6.5 |
| 2022-02-16 | CVE-2019-4351 | Unspecified vulnerability in IBM Maximo Anywhere 7.6.4.0 IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. low complexity ibm | 4.6 |
| 2022-02-16 | CVE-2019-4352 | Unspecified vulnerability in IBM Maximo Anywhere 7.6.4.0 IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. low complexity ibm | 2.4 |
| 2020-11-03 | CVE-2019-4349 | Information Exposure vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. | 3.5 |
| 2020-05-06 | CVE-2019-4266 | Improper Privilege Management vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. | 2.4 |
| 2020-04-29 | CVE-2019-4288 | Unspecified vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. low complexity ibm | 4.3 |
| 2020-04-29 | CVE-2019-4286 | Information Exposure Through Log Files vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. | 4.3 |
| 2020-02-19 | CVE-2019-4429 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-10 | CVE-2019-4265 | Insecure Storage of Sensitive Information vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. | 2.4 |
| 2018-02-21 | CVE-2017-1604 | Cross-site Scripting vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. | 5.4 |