CVE-2020-4989

MEDIUM

IBM Rational Team Concert - Exposure to Wrong Actor

Title source: rule

Description

IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707.

References (2)

Scores

CVSS v3 4.3
EPSS 0.0016
EPSS Percentile 36.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Classification

CWE
CWE-668
Status published

Affected Products (5)

ibm/rational_team_concert
ibm/rational_team_concert
ibm/rational_team_concert
ibm/rational_team_concert
ibm/rational_team_concert

Timeline

Published Mar 15, 2022
Tracked Since Feb 18, 2026