First published: Fri Feb 18 2022(Updated: )
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Rational Team Concert | =6.0.6 | |
IBM Rational Team Concert | =6.0.6.1 | |
IBM Rational Team Concert | =7.0 | |
IBM Rational Team Concert | =7.0.1 | |
IBM Rational Team Concert | =7.0.2 | |
IBM RTC | <=6.0.6 | |
IBM RTC | <=6.0.6.1 | |
IBM EWM | <=7.0 | |
IBM EWM | <=7.0.1 | |
IBM EWM | <=7.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-4989.
The severity level of CVE-2020-4989 is medium.
IBM Rational Team Concert versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2, as well as IBM Engineering Workflow Management versions 7.0, 7.0.1, and 7.0.2, are affected by CVE-2020-4989.
CVE-2020-4989 allows an authenticated user to obtain sensitive information about build definitions.
Yes, you can find more information about CVE-2020-4989 at the following references: [IBM X-Force ID: 192707](https://exchange.xforce.ibmcloud.com/vulnerabilities/192707) and [IBM Support Page](https://www.ibm.com/support/pages/node/6563261).