First published: Thu Jan 07 2021(Updated: )
IBM Jazz Foundation could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Removable Media Manager | <=6.0.6.1 | |
IBM Removable Media Manager | <=6.0.6 | |
IBM Removable Media Manager | <=7.0 | |
IBM Removable Media Manager | <=7.0.1 | |
IBM Removable Media Manager | <=6.0.2 | |
IBM Engineering Lifecycle Management (ELM) | <=6.0.6.1 | |
IBM Engineering Lifecycle Management (ELM) | <=6.0.6 | |
IBM ENI | <=7.0 | |
IBM ENI | <=7.0.1 | |
IBM Engineering Lifecycle Management (ELM) | <=6.0.2 | |
IBM Engineering Workflow Management (EWM) | <=7.0.1 | |
IBM Rational Team Concert | <=6.0.6 | |
IBM Rational Team Concert | <=6.0.2 | |
IBM Rational Team Concert | <=6.0.6.1 | |
IBM Engineering Workflow Management (EWM) | <=7.0 | |
IBM Engineering Lifecycle Management | <=6.0.6.1 | |
IBM Engineering Lifecycle Management | <=6.0.6 | |
IBM Engineering Lifecycle Management (ELM) | <=7.0 | |
IBM Engineering Lifecycle Management (ELM) | <=7.0.1 | |
IBM Engineering Lifecycle Management | <=6.0.2 | |
IBM Rational Rhapsody | <=6.0.6 | |
IBM Rational Rhapsody | <=6.0.6.1 | |
IBM Rational Rhapsody | <=6.0.2 | |
IBM InfoSphere Master Data Management | <=7.0 | |
IBM InfoSphere Master Data Management | <=7.0.1 | |
IBM Rational Quality Manager (RQM) | <=6.0.6.1 | |
IBM Rational Quality Manager (RQM) | <=6.0.6 | |
IBM Engineering Test Management (ETM) | <=7.0.0 | |
IBM Rational Quality Manager (RQM) | <=6.0.2 | |
IBM Rational DOORS Next Generation | <=6.0.2 | |
IBM Rational DOORS Next Generation | <=7.0 | |
IBM Rational DOORS Next Generation | <=7.0.1 | |
IBM Rational DOORS Next Generation | <=6.0.6.1 | |
IBM Rational DOORS Next Generation | <=6.0.6 | |
IBM Collaborative Lifecycle Management | =6.0.2 | |
IBM Collaborative Lifecycle Management | =6.0.6 | |
IBM Collaborative Lifecycle Management | =6.0.6.1 | |
IBM Rational DOORS Next Generation | =7.0 | |
IBM Rational DOORS Next Generation | =7.0.1 | |
IBM Engineering Insights | =7.0 | |
IBM Engineering Insights | =7.0.1 | |
IBM Engineering Lifecycle Manager | =7.0 | |
IBM Engineering Lifecycle Manager | =7.0.1 | |
IBM Engineering Test Management (ETM) | =7.0.0 | |
IBM Engineering Workflow Management (EWM) | =7.0 | |
IBM Engineering Workflow Management (EWM) | =7.0.1 | |
IBM Engineering Requirements Management DOORS Next Generation | =6.0.2 | |
IBM Engineering Requirements Management DOORS Next Generation | =6.0.6 | |
IBM Engineering Requirements Management DOORS Next Generation | =6.0.6.1 | |
IBM Engineering Lifecycle Manager | =6.0.6 | |
IBM Engineering Lifecycle Manager | =6.0.6.1 | |
IBM Rational Quality Manager | =6.0.2 | |
IBM Rational Quality Manager | =6.0.6 | |
IBM Rational Quality Manager | =6.0.6.1 | |
IBM Rational Rhapsody | =6.0.2 | |
IBM Rational Rhapsody | =6.0.6 | |
IBM Rational Rhapsody | =6.0.6.1 | |
IBM Rational Team Concert | =6.0.2 | |
IBM Rational Team Concert | =6.0.6 | |
IBM Rational Team Concert | =6.0.6.1 | |
IBM InfoSphere Master Data Management | =7.0 | |
IBM InfoSphere Master Data Management | =7.0.1 | |
IBM Rhapsody Model Manager | =6.0.2 | |
IBM Rhapsody Model Manager | =6.0.6 | |
IBM Rhapsody Model Manager | =6.0.6.1 | |
IBM Rhapsody Model Manager | =7.0 | |
IBM Rhapsody Model Manager | =7.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-4544 is medium.
CVE-2020-4544 allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
The impact of CVE-2020-4544 is that the obtained sensitive information could be used in further attacks against the system.
IBM Jazz Foundation Products version 6.0.2, 6.0.6, and 6.0.6.1 are affected.
To mitigate the vulnerability, it is advised to refer to IBM's official support pages for more information on available fixes and patches.