CVE-2019-4265

Опубликовано: 10 окт. 2019

Источник: nvd

CVSS3: 2.4

CVSS2: 2.1

EPSS Низкий

Описание

IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160198.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/160198
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/1078995
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/160198
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/1078995
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:maximo_anywhere:7.6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_anywhere:7.6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_anywhere:7.6.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_anywhere:7.6.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00051

Низкий

2.4 Low

CVSS3

2.4 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-922

Связанные уязвимости

GHSA-vwj4-gmcv-4hc7

github

больше 3 лет назад

IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160198.

EPSS

Процентиль: 16%

0.00051

Низкий

2.4 Low

CVSS3

2.4 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-922