Information Disclosure Vulnerability in IBM Maximo Anywhere Applications
CVE-2019-4351

2.1LOW

Key Information:

Vendor: IBM
Status: Maximo Anywhere
Vendor: CVE Published:; 16 February 2022

Summary

IBM Maximo Anywhere applications, specifically version 7.6.4.0, are susceptible to an information disclosure vulnerability. This flaw could allow an unauthorized user with physical access to a device running the application to gain access to sensitive information. Proper security measures are crucial to prevent data breaches and safeguard user privacy. Organizations utilizing these applications must implement strict access controls and monitor physical access to devices to mitigate potential risks.

Affected Version(s)

Maximo Anywhere 7.6.4.0

References

https://www.ibm.com/support/pages/node/6556820

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/161493

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 16, 2022
Vulnerability Reserved
Jan 3, 2019