Maximo Anywhere
by IBM
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-4291 | Med | 0.42 | 6.5 | 0.00 | Feb 16, 2022 | IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697. | ||
| CVE-2017-1604 | Med | 0.35 | 5.4 | 0.01 | Feb 21, 2018 | IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force… | ||
| CVE-2019-4351 | Med | 0.30 | 4.6 | 0.00 | Feb 16, 2022 | IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493. | ||
| CVE-2019-4288 | Med | 0.28 | 4.3 | 0.00 | Apr 29, 2020 | IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. IBM X-Force ID: 160631. | ||
| CVE-2019-4286 | Med | 0.28 | 4.3 | 0.00 | Apr 29, 2020 | IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. IBM X-Force ID: 160514. | ||
| CVE-2019-4349 | Low | 0.23 | 3.5 | 0.00 | Nov 3, 2020 | IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486 | ||
| CVE-2019-4352 | Low | 0.16 | 2.4 | 0.00 | Feb 16, 2022 | IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494. | ||
| CVE-2019-4266 | Low | 0.16 | 2.4 | 0.00 | May 6, 2020 | IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160199. | ||
| CVE-2019-4265 | Low | 0.16 | 2.4 | 0.00 | Oct 10, 2019 | IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160198. | ||
| CVE-2015-4945 | 0.00 | — | 0.01 | Jul 26, 2015 | Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 through 7.5.1.2 for Android allows attackers to bypass a passcode protection mechanism and obtain sensitive information via a crafted application. |
- risk 0.42cvss 6.5epss 0.00
IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697.
- risk 0.35cvss 5.4epss 0.01
IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force…
- risk 0.30cvss 4.6epss 0.00
IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493.
- risk 0.28cvss 4.3epss 0.00
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. IBM X-Force ID: 160631.
- risk 0.28cvss 4.3epss 0.00
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. IBM X-Force ID: 160514.
- risk 0.23cvss 3.5epss 0.00
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486
- risk 0.16cvss 2.4epss 0.00
IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494.
- risk 0.16cvss 2.4epss 0.00
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160199.
- risk 0.16cvss 2.4epss 0.00
IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160198.
- CVE-2015-4945Jul 26, 2015risk 0.00cvss —epss 0.01
Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 through 7.5.1.2 for Android allows attackers to bypass a passcode protection mechanism and obtain sensitive information via a crafted application.