4.3

CVE-2019-4286

IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could disclose highly senstiive user information to an authenticated user with physical access to the device. IBM X-Force ID: 160514.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmMaximo Anywhere Version7.6.2.0
IbmMaximo Anywhere Version7.6.2.1
IbmMaximo Anywhere Version7.6.3.0
IbmMaximo Anywhere Version7.6.3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.255
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 0.7 3.6
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
psirt@us.ibm.com 4.3 0.7 3.6
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

https://exchange.xforce.ibmcloud.com/vulnerabilities/160514
Vendor Advisory
VDB Entry
https://www.ibm.com/support/pages/node/6202556
Patch
Vendor Advisory