EUVD-2020-26221

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM Jazz Foundation products are vulnerable to server side request forgery allowing unauthorized requests.

Reporter	Title	Published	Views	Family All 10
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect Engineering Lifecycle Management and IBM Engineering products.	27 Jul 202121:32	–	ibm
ATTACKERKB	CVE-2020-4974	27 Jul 202100:00	–	attackerkb
Circl	CVE-2020-4974	28 Jul 202116:42	–	circl
CNNVD	IBM Jazz Foundation 代码问题漏洞	27 Jul 202100:00	–	cnnvd
CNVD	IBM Jazz Foundation has unspecified vulnerabilities	29 Jul 202100:00	–	cnvd
CVE	CVE-2020-4974	28 Jul 202112:25	–	cve
Cvelist	CVE-2020-4974	28 Jul 202112:25	–	cvelist
NVD	CVE-2020-4974	28 Jul 202113:15	–	nvd
OSV	CVE-2020-4974	28 Jul 202113:15	–	osv
Prion	Server side request forgery (ssrf)	28 Jul 202113:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "036c4837-76c5-3d70-88ef-369708ee4368",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "026fbe7a-e8a0-3923-8fdb-04bce5b59290",
        "product": {
          "name": "Rational Engineering Lifecycle Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "0a3dd55e-3a18-33da-a3e2-39b4f69b1626",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "144a0e76-7dbd-3c18-b221-f115e8352935",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "2006ce38-db86-382f-8116-867c337f7042",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "2573e314-51be-3ba0-864f-38af09ff739e",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0"
      },
      {
        "id": "2a6df254-2f26-3f5f-9c9c-05d1d2dbad45",
        "product": {
          "name": "Engineering Test Management"
        },
        "product_version": "7.0.0"
      },
      {
        "id": "4de22221-d5bf-3f04-9d74-eee803750ddd",
        "product": {
          "name": "Engineering Test Management"
        },
        "product_version": "7.0.2"
      },
      {
        "id": "57a8ebab-594a-331b-8287-0de7afca2212",
        "product": {
          "name": "Engineering Test Management"
        },
        "product_version": "7.0.1"
      },
      {
        "id": "6c9ee02c-eb97-3b53-8769-7f319a052bdc",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "742ed6a7-f3d1-3062-9000-59caa5baf18f",
        "product": {
          "name": "Engineering Lifecycle Optimization"
        },
        "product_version": "7.0.1"
      },
      {
        "id": "74fe5d42-9152-3e87-9481-8c51dde11b6e",
        "product": {
          "name": "Rational Engineering Lifecycle Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "7d9a73f5-a1de-3241-9af3-c93b1ebc84fb",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "7.0.2"
      },
      {
        "id": "83316a10-b7d2-33b8-b848-1d6359b4fe50",
        "product": {
          "name": "Engineering Lifecycle Optimization"
        },
        "product_version": "7.0"
      },
      {
        "id": "865a3129-535e-3d2a-a99a-f5951e90aeb6",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "8db401b5-4f45-3475-9e05-331b46feb8b7",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "91ee0d64-4faf-39fe-85de-4d20b38630a4",
        "product": {
          "name": "Engineering Lifecycle Optimization"
        },
        "product_version": "7.0.2"
      },
      {
        "id": "94fa19de-b4f6-35e0-ab4e-6fdb58b61c48",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "7.0.1"
      },
      {
        "id": "a11600c6-852f-339e-8101-427219670b09",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "a14a2d36-3bb0-387f-80e4-1696490225c3",
        "product": {
          "name": "Rational Engineering Lifecycle Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "ab28e1a5-8a65-3ec2-9ab9-5bd64e98e0b3",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "d0a1c9c6-f1f0-39d0-a0c6-5e8d8ce2e138",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0.2"
      },
      {
        "id": "e9b20628-ee0b-3dec-9329-5e02fb794da7",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0.1"
      },
      {
        "id": "ece8ed12-adee-359d-9a39-6f5e43345a9b",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "f7dfbe18-9aaf-306b-81b7-b53cad4a50a3",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "7.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6475919
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/192434
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.5Medium risk

Vulners AI Score6.5

CVSS 36.3

CVSS 3.16.3

CVSS 26.5

EPSS0.00168