2019-01-03 15:04:29 -05:00
{
2020-04-08 15:01:26 +00:00
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U" ,
"I" : "L" ,
"PR" : "L" ,
"C" : "N" ,
"SCORE" : "4.300" ,
"AC" : "L" ,
"UI" : "N" ,
"AV" : "N" ,
"A" : "N"
} ,
"TM" : {
"RC" : "C" ,
"RL" : "O" ,
"E" : "U"
}
}
} ,
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM" ,
"url" : "https://www.ibm.com/support/pages/node/6172629" ,
"name" : "https://www.ibm.com/support/pages/node/6172629" ,
"title" : "IBM Security Bulletin 6172629 (Rational Quality Manager)"
} ,
{
"title" : "X-Force Vulnerability Report" ,
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/168295" ,
"name" : "ibm-rqm-cve20194603-spoofing (168295)" ,
"refsource" : "XF"
}
]
} ,
"data_version" : "4.0" ,
"data_format" : "MITRE" ,
"description" : {
"description_data" : [
2019-03-18 03:54:26 +00:00
{
2020-04-08 15:01:26 +00:00
"lang" : "eng" ,
"value" : "IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them appear as if they were created by another user. IBM X-Force ID: 168295."
2019-03-18 03:54:26 +00:00
}
2020-04-08 15:01:26 +00:00
]
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM" ,
"product" : {
"product_data" : [
{
"product_name" : "Rational Quality Manager" ,
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
} ,
{
"version_value" : "6.0.6"
} ,
{
"version_value" : "6.0.6.1"
}
]
}
}
]
}
}
IBM20200408-9595
Added CVE-2019-4746, CVE-2019-4740, CVE-2019-4603, CVE-2020-4289, CVE-2020-4252, CVE-2019-4737, CVE-2019-4601, CVE-2020-4282, CVE-2019-4602, CVE-2020-4291, CVE-2020-4290, CVE-2020-4284, CVE-2020-4164
2020-04-08 09:59:05 -04:00
]
2020-04-08 15:01:26 +00:00
}
} ,
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com" ,
"DATE_PUBLIC" : "2020-04-07T00:00:00" ,
"ID" : "CVE-2019-4603" ,
"STATE" : "PUBLIC"
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Data Manipulation"
}
]
}
]
} ,
"data_type" : "CVE"
}
