Information disclosure in Ibm Maximo Anywhere
CVE-2019-4349
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486
Vulnerability class: Information Disclosure
EPSS: 0.003 (24.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.
Affected products
- Ibm Maximo Anywhere — versions 7.6.2.0, 7.6.2.1, 7.6.3.0
- Ibm Maximo_anywhere — versions 7.6.2.0, 7.6.2.1, 7.6.3.0
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (VDB Entry, vdb-entry, Vendor Advisory, x_refsource_XF)
Frequently asked questions
- What is CVE-2019-4349?
- CVE-2019-4349 is a low-severity vulnerability in Ibm Maximo Anywhere, classified under Information Disclosure. CVSS score: 3.5/10. Published 2020-11-03.
- How severe is CVE-2019-4349?
- Low severity. CVSS v3 base score is 3.5 out of 10.