CVE-2021-20371
Published: Jun 2, 2021
Modified: Sep 16, 2024
CVSS v3.0
4.3
Description
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195516.
| Vendor | Product | Versions |
|---|---|---|
IBM | Rational Collaborative Lifecycle Management | affected 6.0.6affected 6.0.6.1 |
IBM | Rational Engineering Lifecycle Manager | affected 6.0.6affected 6.0.6.1affected 7.0affected 7.0.1affected 7.0.2 |
IBM | Engineering Lifecycle Optimization | affected 7.0affected 7.0.1affected 7.0.2 |
IBM | Rational DOORS Next Generation | affected 6.0.6affected 6.0.6.1affected 7.0affected 7.0.1affected 7.0.2 |
IBM | Rational Quality Manager | affected 6.0.6affected 6.0.6.1 |
IBM | Rational Rhapsody Model Manager | affected 6.0.6affected 6.0.6.1affected 7.0 |
IBM | Engineering Test Management | affected 7.0.0affected 7.0.1 |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/PR:L/AV:N/I:N/UI:N/A:N/AC:L/S:U/C:L/RC:C/E:U/RL:O
Privileges Required
Attack Vector
Integrity
User Interaction
Availability
Attack Complexity
Scope
Confidentiality
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now