CVE-2020-4989

MEDIUM

IBM Rational Team Concert - Exposure to Wrong Actor

Title source: rule

Description

IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707.

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_confirm

https://www.ibm.com/support/pages/node/6563261

VDB Entry, Vendor Advisory vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/192707

Scores

CVSS v3 4.3

EPSS 0.0068

EPSS Percentile 47.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-668

Status published

Products (5)

ibm/rational_team_concert 6.0.6

ibm/rational_team_concert 6.0.6.1

ibm/rational_team_concert 7.0

ibm/rational_team_concert 7.0.1

ibm/rational_team_concert 7.0.2

Published Mar 15, 2022

Tracked Since Feb 18, 2026