Unauthorized Access Vulnerability in IBM Jazz Foundation and Engineering Products
CVE-2020-4410
4.3MEDIUM
Summary
IBM Jazz Foundation and IBM Engineering products are susceptible to an unauthorized access vulnerability, where an authenticated user can execute a specially crafted HTTP GET request. This action could allow access to sensitive attachments on the server that should remain restricted. Proper access controls and security measures are essential to mitigate this risk, as it can potentially lead to data exposure.
Affected Version(s)
Rational Rhapsody Design Manager 6.0.2
Rational Rhapsody Design Manager 7.0
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved