CVE-2020-4974
Published: Jul 28, 2021
Modified: Sep 17, 2024
CVSS v3.0
6.3
Description
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.
| Vendor | Product | Versions |
|---|---|---|
IBM | Engineering Test Management | affected 7.0.0affected 7.0.1affected 7.0.2 |
IBM | Rational Team Concert | affected 6.0.6affected 6.0.6.1 |
IBM | Rational Quality Manager | affected 6.0.6affected 6.0.6.1 |
IBM | Rational DOORS Next Generation | affected 6.0.6affected 6.0.6.1affected 7.0affected 7.0.1affected 7.0.2 |
IBM | Rational Collaborative Lifecycle Management | affected 6.0.2affected 6.0.6affected 6.0.6.1 |
IBM | Engineering Workflow Management | affected 7.0affected 7.0.1affected 7.0.2 |
IBM | Engineering Lifecycle Optimization | affected 7.0affected 7.0.1affected 7.0.2 |
IBM | Rational Engineering Lifecycle Manager | affected 6.0.2affected 6.0.6affected 6.0.6.1 |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/A:L/UI:N/C:L/AV:N/PR:L/I:L/AC:L/S:U/RC:C/E:U/RL:O
Availability
User Interaction
Confidentiality
Attack Vector
Privileges Required
Integrity
Attack Complexity
Scope
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now