CVE-2020-4487
published 2021-01-08CVE-2020-4487: IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862.
Affected
51 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | collaborative_lifecycle_management | — | — |
| ibm | collaborative_lifecycle_management | — | — |
| ibm | collaborative_lifecycle_management | — | — |
| ibm | doors_next | — | — |
| ibm | doors_next | — | — |
| ibm | engineering_insights | — | — |
| ibm | engineering_insights | — | — |
| ibm | engineering_lifecycle_management | — | — |
| ibm | engineering_lifecycle_management | — | — |
| ibm | engineering_lifecycle_optimization | — | — |
| ibm | engineering_lifecycle_optimization | — | — |
| ibm | engineering_test_management | — | — |
| ibm | engineering_workflow_management | — | — |
| ibm | engineering_workflow_management | — | — |
| ibm | rational_collaborative_lifecycle_management | — | — |
| ibm | rational_collaborative_lifecycle_management | — | — |
| ibm | rational_collaborative_lifecycle_management | — | — |
| ibm | rational_doors_next_generation | — | — |
| ibm | rational_doors_next_generation | — | — |
| ibm | rational_doors_next_generation | — | — |
| ibm | rational_doors_next_generation | — | — |
| ibm | rational_doors_next_generation | — | — |
| ibm | rational_engineering_lifecycle_manager | — | — |
| ibm | rational_engineering_lifecycle_manager | — | — |
| ibm | rational_engineering_lifecycle_manager | — | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv6.7MEDIUM