MEDIUM🇵🇱 Wersja polska

CVE-2020-4964

CVSS 4.3v3.1pub. 2021-04-12upd. 2024-11-21

IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • IBM Collaborative Lifecycle Management

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Doors Next

    APP
    Ibm
    7.0.07.0.17.0.2
  • IBM Engineering Insights

    APP
    Ibm
    7.0.07.0.17.0.2
  • IBM Engineering Lifecycle Management

    APP
    Ibm
    7.0.07.0.17.0.2
  • IBM Engineering Requirements Management Doors Next

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Engineering Test Management

    APP
    Ibm
    7.0.07.0.17.0.2
  • IBM Engineering Workflow Management

    APP
    Ibm
    7.0.07.0.17.0.2
  • IBM Rational Engineering Lifecycle Manager

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Rational Quality Manager

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Rational Team Concert

    APP
    Ibm
    6.0.26.0.66.0.6.1
  • IBM Removable Media Management

    APP
    Ibm
    6.0.26.0.66.0.6.17.0.07.0.1
  • IBM Rhapsody Model Manager

    APP
    Ibm
    6.0.26.0.66.0.6.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-3660CRITICAL9.8PL ✓ten sam produkt

IBM Engineering Lifecycle Management — nieautoryzowany zapis plików konfiguracyjnych serwera

CVE-2024-41787CRITICAL9.8PL ✓ten sam produkt

RCE poprzez race condition w IBM DOORS Next — CVE-2024-41787

CVE-2026-3603HIGH7.1ten sam produkt

IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through  Interim Fix 021, 7.1.0  Interim Fix 001 th...

CVE-2026-4051HIGH7.2ten sam produkt

IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privi...

CVE-2024-41771HIGH7.5ten sam produkt

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to down...