CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
21.4%
A vulnerability was identified and remediated in the IBM MaaS360 MDM for Android Application (Version 8.60 and Prior)
CVEID:CVE-2024-35118
**DESCRIPTION:**IBM MaaS360 Android agent (v 8.55 and lower) is using hard coded credentials that can be obtained by a user with physical access to the device.
CVSS Base score: 4.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/290341 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
Maas360 MDM for Android App | 6.31 - 8.60 |
IBM encourages customers to update their systems promptly.
Update the MaaS360 MDM for Android to version 8.65 or greater.
The app is available in the Google Play store; update it manually on your device.
If the app is a managed app through the MaaS360 App Catalog, then follow the documentation here.
None
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
21.4%