CVE-2020-4974

Published: 28/07/2021 Updated: 04/08/2021

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 6.3 | Impact Score: 3.4 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm rational collaborative lifecycle management 6.0.2
ibm rational engineering lifecycle manager 6.0.2
ibm rational doors next generation 6.0.6.1
ibm rational doors next generation 6.0.6
ibm rational quality manager 6.0.6
ibm rational quality manager 6.0.6.1
ibm rational team concert 6.0.6
ibm rational team concert 6.0.6.1
ibm engineering workflow management 7.0
ibm engineering test management 7.0.0
ibm engineering workflow management 7.0.1
ibm rational engineering lifecycle manager 6.0.6
ibm rational engineering lifecycle manager 6.0.6.1
ibm rational collaborative lifecycle management 6.0.6
ibm rational collaborative lifecycle management 6.0.6.1
ibm engineering requirements quality assistant on-premises
ibm engineering workflow management 7.0.2
ibm engineering test management 7.0.1
ibm engineering test management 7.0.2
ibm engineering lifecycle optimization - engineering insights 7.0
ibm engineering lifecycle optimization - engineering insights 7.0.1
ibm engineering lifecycle optimization - engineering insights 7.0.2
ibm rational doors next generation 7.0
ibm rational doors next generation 7.0.1
ibm rational doors next generation 7.0.2

CWE-918 https://www.ibm.com/support/pages/node/6475919 https://exchange.xforce.ibmcloud.com/vulnerabilities/192434 https://nvd.nist.gov

CVE-2020-4974

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect