Vulnerabilities > IBM > Maximo Anywhere > 7.6.2.0

DATE CVE VULNERABILITY TITLE RISK
2020-11-03 CVE-2019-4349 Information Exposure vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service.
local
low complexity
ibm CWE-200
3.6
3.6
2020-05-06 CVE-2019-4266 Improper Privilege Management vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device.
local
low complexity
ibm CWE-269
2.1
2.1
2020-04-29 CVE-2019-4288 Information Exposure vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device.
local
low complexity
ibm CWE-200
2.1
2.1
2020-04-29 CVE-2019-4286 Information Exposure vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device.
local
low complexity
ibm CWE-200
2.1
2.1
2019-10-10 CVE-2019-4265 Insecure Storage of Sensitive Information vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device.
local
low complexity
ibm CWE-922
2.1
2.1
2018-02-21 CVE-2017-1604 Cross-site Scripting vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5