Unauthorized Access to Sensitive File Information
CVE-2023-46186
7.5HIGH
Summary
The vulnerability within IBM Jazz for Service Management version 1.1.3.20 presents a significant risk by allowing unauthorized users to exploit improper access controls. This flaw can lead to unauthorized access to sensitive file information through forced browsing techniques, compromising the confidentiality of affected systems. Organizations utilizing this product are advised to review their access controls and implement necessary measures to mitigate potential risks.
Affected Version(s)
Jazz for Service Management 1.1.3.20
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved