Root Detection Vulnerability in IBM Maximo Anywhere
CVE-2019-4265

2.4LOW

Key Information:

Vendor: IBM
Status: Maximo Anywhere
Vendor: CVE Published:; 10 October 2019

Summary

IBM Maximo Anywhere versions 7.6.0 through 7.6.3 lack device root detection mechanisms. This deficiency may allow unauthorized attackers to gain access to sensitive device information, potentially exposing users to privacy risks and further exploitation. It is crucial for organizations using affected versions to implement adequate security measures and consider the necessary updates to safeguard against this vulnerability.

Affected Version(s)

Maximo Anywhere 7.6.0.0

Maximo Anywhere 7.6.1.0

Maximo Anywhere 7.6.2.0

References

https://www.ibm.com/support/pages/node/1078995

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/160198

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 10, 2019
Vulnerability Reserved
Jan 3, 2019