Lucene search

CVE-2020-4920

🗓️ 12 Apr 2021 18:12:15Reported by ibmType

IBM Jazz Team Server products vulnerable to stored cross-site scripting leading to potential credential disclosure

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2020-4920	12 Apr 202118:00	–	cvelist
CNVD	IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2021-32643)	13 Apr 202100:00	–	cnvd
NVD	CVE-2020-4920	12 Apr 202118:15	–	nvd
Prion	Cross site scripting	12 Apr 202118:15	–	prion
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.	9 Apr 202118:57	–	ibm

Nvd

Vulners

Node

ibm collaborative_lifecycle_managementMatch6.0.2

ibm collaborative_lifecycle_managementMatch6.0.6

ibm collaborative_lifecycle_managementMatch6.0.6.1

ibm doors_nextMatch7.0.0

ibm doors_nextMatch7.0.1

ibm doors_nextMatch7.0.2

ibm engineering_insightsMatch7.0.0

ibm engineering_insightsMatch7.0.1

ibm engineering_insightsMatch7.0.2

ibm engineering_lifecycle_managementMatch7.0.0

ibm engineering_lifecycle_managementMatch7.0.1

ibm engineering_lifecycle_managementMatch7.0.2

ibm engineering_requirements_management_doors_nextMatch6.0.2

ibm engineering_requirements_management_doors_nextMatch6.0.6

ibm engineering_requirements_management_doors_nextMatch6.0.6.1

ibm engineering_test_managementMatch7.0.0

ibm engineering_test_managementMatch7.0.1

ibm engineering_test_managementMatch7.0.2

ibm engineering_workflow_managementMatch7.0.0

ibm engineering_workflow_managementMatch7.0.1

ibm engineering_workflow_managementMatch7.0.2

ibm rational_engineering_lifecycle_managerMatch6.0.2

ibm rational_engineering_lifecycle_managerMatch6.0.6

ibm rational_engineering_lifecycle_managerMatch6.0.6.1

ibm rational_quality_managerMatch6.0.2

ibm rational_quality_managerMatch6.0.6

ibm rational_quality_managerMatch6.0.6.1

ibm rational_team_concertMatch6.0.2

ibm rational_team_concertMatch6.0.6

ibm rational_team_concertMatch6.0.6.1

ibm removable_media_managementMatch6.0.2

ibm removable_media_managementMatch6.0.6

ibm removable_media_managementMatch6.0.6.1

ibm removable_media_managementMatch7.0.0

ibm removable_media_managementMatch7.0.1

ibm rhapsody_model_managerMatch6.0.2

ibm rhapsody_model_managerMatch6.0.6

ibm rhapsody_model_managerMatch6.0.6.1

[
  {
    "product": "Rational Engineering Lifecycle Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      },
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      }
    ]
  },
  {
    "product": "Rational Quality Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  },
  {
    "product": "Rational Team Concert",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  },
  {
    "product": "Rational Collaborative Lifecycle Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  },
  {
    "product": "Rational DOORS Next Generation",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      },
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Engineering Test Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Engineering Lifecycle Optimization",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Engineering Workflow Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Rational Rhapsody Model Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      },
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "6.0.2"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/191396
ibm	www.ibm.com/support/pages/node/6441803

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Apr 2021 18:15Current

5.5Medium risk

Vulners AI Score5.5

CVSS24.3

CVSS35.4 - 6.4

EPSS0.00128

CWE-79