9
CVE-2020-4495
- EPSS 1.51%
- Veröffentlicht 02.06.2021 21:15:07
- Zuletzt bearbeitet 21.11.2024 05:32:48
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request to the REST API, an attacker could exploit this vulnerability to bypass access restrictions, and execute arbitrary actions with administrative privileges. IBM X-Force ID: 182114.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Collaborative Lifecycle Management Version6.0.6
Ibm ≫ Collaborative Lifecycle Management Version6.0.6.1
Ibm ≫ Engineering Lifecycle Management Version7.0
Ibm ≫ Engineering Lifecycle Management Version7.0.1
Ibm ≫ Engineering Lifecycle Management Version7.0.2
Ibm ≫ Engineering Lifecycle Optimization - Engineering Insights Version7.0.1
Ibm ≫ Engineering Lifecycle Optimization - Engineering Insights Version7.0.2
Ibm ≫ Engineering Lifecycle Optimization - Publishing Version7.0
Ibm ≫ Engineering Lifecycle Optimization - Publishing Version7.0.1
Ibm ≫ Engineering Lifecycle Optimization - Publishing Version7.0.2
Ibm ≫ Engineering Test Management Version7.0.0
Ibm ≫ Engineering Test Management Version7.0.1
Ibm ≫ Rational Doors Next Generation Version6.0.6
Ibm ≫ Rational Doors Next Generation Version6.0.6.1
Ibm ≫ Rational Doors Next Generation Version7.0
Ibm ≫ Rational Doors Next Generation Version7.0.1
Ibm ≫ Rational Doors Next Generation Version7.0.2
Ibm ≫ Rational Engineering Lifecycle Manager Version6.0.6
Ibm ≫ Rational Engineering Lifecycle Manager Version6.0.6.1
Ibm ≫ Rational Quality Manager Version6.0.6
Ibm ≫ Rational Quality Manager Version6.0.6.1
Ibm ≫ Removable Media Manager Version6.0.6
Ibm ≫ Removable Media Manager Version6.0.6.1
Ibm ≫ Removable Media Manager Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 1.51% | 0.794 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
psirt@us.ibm.com | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|