CVE-2019-4084IBM Rational Collaborative Lifecycle Management vulnerability

3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 63.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
IBM Rational Collaborative Lifecycle ManagementIBM Rational Doors Next GenerationIBM Rational Engineering Lifecycle Manager+4 more
Timeline
PublishedJun 27
Latest updateMay 24

Description

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages8 packages

NVDibm/rational_team_concert6.06.0.6.1
NVDibm/rational_quality_manager6.06.0.6.1

🔴Vulnerability Details

2
GHSA
GHSA-6jjx-h773-4c26: IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 62022-05-24
CVEList
CVE-2019-4084: IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 62019-06-27
CVE-2019-4084 — IBM vulnerability | cvebase