CVE-2020-4410
published 2020-08-04CVE-2020-4410: IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. IBM X-Force ID: 179539.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | engineering_test_management | — | — |
| ibm | rational_rhapsody_design_manager | — | — |
| ibm | rational_rhapsody_design_manager | — | — |
| ibm | rational_rhapsody_design_manager | — | — |