CVE-2020-4547

Description

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315.

CVSS breakdown

Affected products

• ibm / Engineering Lifecycle Optimization7.0 – 7.0
• ibm / Engineering Test Management7.0.0 – 7.0.0
• ibm / engineering_workflow_management7.0.2 – 7.0.2
• ibm / engineering_workflow_management7.0 – 7.0
• ibm / Rational Collaborative Lifecycle Management6.0.6.1 – 6.0.6.1
• ibm / Rational Collaborative Lifecycle Management6.0.6 – 6.0.6
• ibm / Rational Collaborative Lifecycle Management6.0.2 – 6.0.2
• ibm / Rational DOORS Next Generation7.0 – 7.0
• ibm / Rational DOORS Next Generation6.0.2 – 6.0.2
• ibm / Rational DOORS Next Generation6.0.6 – 6.0.6
• ibm / Rational DOORS Next Generation6.0.6.1 – 6.0.6.1
• ibm / Rational Engineering Lifecycle Manager7.0 – 7.0
• ibm / Rational Quality Manager6.0.2 – 6.0.2
• ibm / Rational Quality Manager6.0.6 – 6.0.6
• ibm / Rational Quality Manager6.0.6.1 – 6.0.6.1
• ibm / Rational Rhapsody Design Manager6.0.6.1 – 6.0.6.1
• ibm / Rational Rhapsody Design Manager6.0.2 – 6.0.2
• ibm / Rational Rhapsody Design Manager6.0.6 – 6.0.6
• ibm / Rational Rhapsody Model Manager6.0.2 – 6.0.2
• ibm / Rational Rhapsody Model Manager6.0.6.1 – 6.0.6.1
• ibm / Rational Rhapsody Model Manager6.0.6 – 6.0.6
• ibm / Rational Rhapsody Model Manager7.0 – 7.0
• ibm / Rational Team Concert6.0.2 – 6.0.2
• ibm / Rational Team Concert6.0.6 – 6.0.6
• ibm / Rational Team Concert6.0.6.1 – 6.0.6.1

References

• MISChttps://www.ibm.com/support/pages/node/6408694
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/183315