CVE-2019-4603

MEDIUM

IBM Quality Manager - Privilege Escalation

Title source: llm
STIX 2.1

Description

IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them appear as if they were created by another user. IBM X-Force ID: 168295.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6172629
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/168295

Scores

CVSS v3 4.3
EPSS 0.0010
EPSS Percentile 27.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-732
Status published
Products (3)
ibm/rational_quality_manager 6.0.2
ibm/rational_quality_manager 6.0.6
ibm/rational_quality_manager 6.0.6.1
Published Apr 08, 2020
Tracked Since Feb 18, 2026