IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Ibm
  • Collaborative Lifecycle Management
  • Engineering Insights
  • Engineering Lifecycle Management
  • Engineering Requirements Management Doors Next
  • Engineering Test Management
  • Engineering Workflow Management
  • Global Configuration Management
  • Rational Engineering Lifecycle Manager
  • Rational Quality Manager
  • Rhapsody Design Manager
  • Rhapsody Model Manager

Configuration 1 [-]

OR cpe:2.3:a:ibm:collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:collaborative_lifecycle_management:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:collaborative_lifecycle_management:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_insights:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_lifecycle_management:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_test_management:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_workflow_management:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_workflow_management:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_workflow_management:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_workflow_management:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_workflow_management:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:global_configuration_management:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_quality_manager:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_quality_manager:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_quality_manager:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_design_manager:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_design_manager:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_design_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_model_manager:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_model_manager:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_model_manager:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rhapsody_model_manager:7.0:*:*:*:*:*:*:*

No data.

References
Link Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/183315 cve-icon cve-icon
https://www.ibm.com/support/pages/node/6408694 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2021-01-27T16:15:26.519672Z

Updated: 2024-09-17T03:18:48.984Z

Reserved: 2019-12-30T00:00:00

Link: CVE-2020-4547

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-01-27T17:15:11.323

Modified: 2021-01-29T21:43:13.687

Link: CVE-2020-4547

cve-icon Redhat

No data.