CVE-2020-4964

Published: Apr 12, 2021Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419.

Affected (38)

Products: Ibm: Collaborative Lifecycle Management, Doors Next, Engineering Insights, Engineering Lifecycle Management, Engineering Requirements Management Doors Next, Engineering Test Management, Engineering Workflow Management, Rational Engineering Lifecycle Manager, Rational Quality Manager, Rational Team Concert, Removable Media Management, Rhapsody Model Manager

Ibm

12 products

Collaborative Lifecycle Management

Doors Next

Engineering Insights

Engineering Lifecycle Management

Engineering Requirements Management Doors Next

Engineering Test Management

Engineering Workflow Management

Rational Engineering Lifecycle Manager

Rational Quality Manager

Rational Team Concert

Removable Media Management

Rhapsody Model Manager

Configuration A

38 vulnerable

Vulnerable Software	Affected Versions
Ibm Collaborative Lifecycle Management	Version 6.0.2
Ibm Collaborative Lifecycle Management	Version 6.0.6.1
Ibm Collaborative Lifecycle Management	Version 6.0.6
Ibm Doors Next	Version 7.0.0
Ibm Doors Next	Version 7.0.1
Ibm Doors Next	Version 7.0.2
Ibm Engineering Insights	Version 7.0.0
Ibm Engineering Insights	Version 7.0.1
Ibm Engineering Insights	Version 7.0.2
Ibm Engineering Lifecycle Management	Version 7.0.0
Ibm Engineering Lifecycle Management	Version 7.0.1
Ibm Engineering Lifecycle Management	Version 7.0.2
Ibm Engineering Requirements Management Doors Next	Version 6.0.2
Ibm Engineering Requirements Management Doors Next	Version 6.0.6.1
Ibm Engineering Requirements Management Doors Next	Version 6.0.6
Ibm Engineering Test Management	Version 7.0.0
Ibm Engineering Test Management	Version 7.0.1
Ibm Engineering Test Management	Version 7.0.2
Ibm Engineering Workflow Management	Version 7.0.0
Ibm Engineering Workflow Management	Version 7.0.1
Ibm Engineering Workflow Management	Version 7.0.2
Ibm Rational Engineering Lifecycle Manager	Version 6.0.2
Ibm Rational Engineering Lifecycle Manager	Version 6.0.6.1
Ibm Rational Engineering Lifecycle Manager	Version 6.0.6
Ibm Rational Quality Manager	Version 6.0.2
Ibm Rational Quality Manager	Version 6.0.6.1
Ibm Rational Quality Manager	Version 6.0.6
Ibm Rational Team Concert	Version 6.0.2
Ibm Rational Team Concert	Version 6.0.6.1
Ibm Rational Team Concert	Version 6.0.6
Ibm Removable Media Management	Version 6.0.2
Ibm Removable Media Management	Version 6.0.6.1
Ibm Removable Media Management	Version 6.0.6
Ibm Removable Media Management	Version 7.0.0
Ibm Removable Media Management	Version 7.0.1
Ibm Rhapsody Model Manager	Version 6.0.2
Ibm Rhapsody Model Manager	Version 6.0.6.1
Ibm Rhapsody Model Manager	Version 6.0.6

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/192419

Source: psirt@us.ibm.com

VDB Entry

https://www.ibm.com/support/pages/node/6441803

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/192419

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://www.ibm.com/support/pages/node/6441803

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.