6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.1%
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | engineering_test_management | 7.0.0 | cpe:2.3:a:ibm:engineering_test_management:7.0.0:*:*:*:*:*:*:* |
ibm | engineering_test_management | 7.0.1 | cpe:2.3:a:ibm:engineering_test_management:7.0.1:*:*:*:*:*:*:* |
ibm | engineering_test_management | 7.0.2 | cpe:2.3:a:ibm:engineering_test_management:7.0.2:*:*:*:*:*:*:* |
ibm | rational_team_concert | 6.0.6 | cpe:2.3:a:ibm:rational_team_concert:6.0.6:*:*:*:*:*:*:* |
ibm | rational_team_concert | 6.0.6.1 | cpe:2.3:a:ibm:rational_team_concert:6.0.6.1:*:*:*:*:*:*:* |
ibm | rational_quality_manager | 6.0.6 | cpe:2.3:a:ibm:rational_quality_manager:6.0.6:*:*:*:*:*:*:* |
ibm | rational_quality_manager | 6.0.6.1 | cpe:2.3:a:ibm:rational_quality_manager:6.0.6.1:*:*:*:*:*:*:* |
ibm | rational_doors_next_generation | 6.0.6 | cpe:2.3:a:ibm:rational_doors_next_generation:6.0.6:*:*:*:*:*:*:* |
ibm | rational_doors_next_generation | 6.0.6.1 | cpe:2.3:a:ibm:rational_doors_next_generation:6.0.6.1:*:*:*:*:*:*:* |
ibm | rational_doors_next_generation | 7.0 | cpe:2.3:a:ibm:rational_doors_next_generation:7.0:*:*:*:*:*:*:* |
[
{
"product": "Engineering Test Management",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
},
{
"product": "Rational Team Concert",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
}
]
},
{
"product": "Rational Quality Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
}
]
},
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
},
{
"product": "Rational Collaborative Lifecycle Management",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
}
]
},
{
"product": "Engineering Workflow Management",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
},
{
"product": "Engineering Lifecycle Optimization",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
},
{
"product": "Rational Engineering Lifecycle Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
}
]
}
]
More
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.1%