CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. IBM X-Force ID: 179539.

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
4.3	MEDIUM	3.0	CVSS:3.0/AV:N/UI:N/A:N/I:N/S:U/PR:L/C:L/AC:L/RC:C/E:U/RL:O

Product Status

Learn more

Versions 2 Total

Default Status: unknown

affected

References 2 Total

https://www.ibm.com/support/pages/node/6255694
external site
exchange.xforce.ibmcloud.com: ibm-etm-cve20204410-info-disc (179539)
external site
vdb-entry

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

https://www.ibm.com/support/pages/node/6255694
external site
x_transferred
exchange.xforce.ibmcloud.com: ibm-etm-cve20204410-info-disc (179539)
external site
vdb-entryx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: IBM Corporation

Description

CVSS 1 Total

Product Status

References 2 Total

CVE Program

References 2 Total