PT-2024-13340 · Ibm · Ibm Jazz For Service Management
Published
2024-02-14
·
Updated
2024-10-23
·
CVE-2023-46186
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Jazz for Service Management version 1.1.3.20
Description
The issue allows an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls.
Recommendations
For IBM Jazz for Service Management version 1.1.3.20, consider restricting access to sensitive files and implementing proper access controls to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Jazz For Service Management