CVE-2020-4989

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Engineering Workflow Management; Rational Team Concert
Vendor: CVE Published:; 15 March 2022

Summary

IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707.

Affected Version(s)

Engineering Workflow Management 7.0

Engineering Workflow Management 7.0.1

Engineering Workflow Management 7.0.2

References

https://www.ibm.com/support/pages/node/6563261

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/192707

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 15, 2022
Vulnerability Reserved
Dec 30, 2019

Collectors

NVD DatabaseMitre Database