MEDIUM🇬🇧 English

CVE-2020-4974

CVSS 6.3v3.1pub. 2021-07-28upd. 2024-11-21

IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • IBM Engineering Lifecycle Optimization Engineering Insights

    APP
    Ibm
    7.07.0.17.0.2
  • IBM Engineering Requirements Quality Assistant On Premises

    APP
    Ibm
    wszystkie wersje
  • IBM Engineering Test Management

    APP
    Ibm
    7.0.07.0.17.0.2
  • IBM Engineering Workflow Management

    APP
    Ibm
    7.07.0.17.0.2
  • IBM Rational Collaborative Lifecycle Management

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Rational Doors Next Generation

    APP
    Ibm
    6.0.66.0.6.17.07.0.17.0.2
  • IBM Rational Engineering Lifecycle Manager

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Rational Quality Manager

    APP
    Ibm
    6.0.66.0.6.1
  • IBM Rational Team Concert

    APP
    Ibm
    6.0.66.0.6.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SSRF
CWE
Referencje

Powiązane podatności

CVE-2024-39726HIGH8.2ten sam produkt

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External...

CVE-2021-29844HIGH8.8ten sam produkt

IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authentic...

CVE-2021-29774HIGH7.5ten sam produkt

IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain co...

CVE-2020-4495HIGH8.8ten sam produkt

IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions...

CVE-2020-4965HIGH7.5ten sam produkt

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker t...