CVE-2020-4487

{"id": "CVE-2020-4487", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2021-01-08T21:15:12.187", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181862", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://www.ibm.com/support/pages/node/6398742", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-209"}]}], "descriptions": [{"lang": "en", "value": "IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862."}, {"lang": "es", "value": "Los productos IBM Jazz Foundation podr\u00edan permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado en el navegador. Esta informaci\u00f3n podr\u00eda ser usada en futuros ataques contra el sistema. IBM X-Force ID: 181862"}], "lastModified": "2021-01-11T19:51:00.950", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88D8E27B-1B01-4EBE-A28B-31CFB5CB3D55"}, {"criteria": "cpe:2.3:a:ibm:collaborative_lifecycle_management:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDC9B60C-F4C7-40EB-AF44-28ABE46157D8"}, {"criteria": "cpe:2.3:a:ibm:collaborative_lifecycle_management:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06699AD1-2DB4-4A97-B02B-79BA3DE0AEC9"}, {"criteria": "cpe:2.3:a:ibm:doors_next:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF77DC36-1B53-437D-B3D7-7FED92E967DB"}, {"criteria": "cpe:2.3:a:ibm:doors_next:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "517B31C8-6BB6-4C46-A836-2B029909B079"}, {"criteria": "cpe:2.3:a:ibm:engineering_insights:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C056314-C5ED-4CCA-B01E-34B3DA7AF6F1"}, {"criteria": "cpe:2.3:a:ibm:engineering_insights:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFCC1773-1BAE-4407-A9EE-49A87E513BF3"}, {"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_management:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA1E70C2-4189-4DA2-8A14-6FE04D4093CB"}, {"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76A44AB0-E777-48F4-AEE9-AD32397B7F9C"}, {"criteria": "cpe:2.3:a:ibm:engineering_test_management:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E72DED9-4D72-4AC9-962A-BC73A324A9B8"}, {"criteria": "cpe:2.3:a:ibm:engineering_workflow_management:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C61454F-7B98-4A67-B2E2-E0146F1F43D1"}, {"criteria": "cpe:2.3:a:ibm:engineering_workflow_management:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46C5E316-FB11-4EDD-A22C-22E571DF9091"}, {"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E"}, {"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90791CAA-18B0-4A3F-A8FA-26E3C95E7852"}, {"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "170BA44A-DF05-41C4-92DA-A0E8544AED25"}, {"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07056A3E-E464-4E08-8BEC-0801E851236C"}, {"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B31B4E66-AA82-4EB4-A6D7-6BEEEBC86E1C"}, {"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ED82318-CB9F-4EC4-BABF-1F473B3AA799"}, {"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E4E17CB-517F-4976-BBBC-3CD0188710E4"}, {"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E698C1B9-529C-42A1-9C8D-8088A2C1FC01"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF978C93-8747-416A-890B-09575EF0BA13"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61692657-A7BD-4A51-A435-E0497EEA9C0C"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97A2E713-1053-4697-A50E-567952929367"}, {"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "380BB05E-6ADE-4A45-897D-9AA16E3408D1"}, {"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73FA2148-90A1-437D-8AD6-F626705FC780"}, {"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF6288A2-92B2-49EA-B5A7-9BB210BE93CC"}, {"criteria": "cpe:2.3:a:ibm:reference_data_management:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C081789-7184-4010-8D6C-0791658108B3"}, {"criteria": "cpe:2.3:a:ibm:reference_data_management:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FB0140E-68A4-4FA7-B32C-3F41FCCDED89"}, {"criteria": "cpe:2.3:a:ibm:rhapsody_model_manager:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "854EB28F-E803-4FBF-86A0-3D9B59B21E57"}, {"criteria": "cpe:2.3:a:ibm:rhapsody_model_manager:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30966CBA-B11A-446A-81C4-D382BC130CD3"}, {"criteria": "cpe:2.3:a:ibm:rhapsody_model_manager:6.0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60EAF6B9-0892-4B1B-A424-6E2C2C1D0142"}, {"criteria": "cpe:2.3:a:ibm:rhapsody_model_manager:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D59FAE57-7A98-4C2E-8C15-66D71631A523"}, {"criteria": "cpe:2.3:a:ibm:rhapsody_model_manager:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E734FCD2-89E0-4F7E-80E2-A705B127E326"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}