Sensitive Information Exposure in IBM Jazz Foundation and Engineering Products
CVE-2020-4732
4.3MEDIUM
Key Information:
- Vendor
- IBM
- Status
- Vendor
- CVE Published:
- 2 June 2021
Summary
IBM Jazz Foundation and IBM Engineering products contain a vulnerability that may allow authenticated users to access sensitive information. This issue arises from insufficient security restrictions implemented within the application, posing a risk of unauthorized information disclosure. For further details on this vulnerability, you can refer to the official IBM support page and the IBM X-Force security resource.
Affected Version(s)
Engineering Lifecycle Optimization 7.0
Engineering Lifecycle Optimization 7.0.1
Engineering Lifecycle Optimization 7.0.2
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved