CVE-2020-4667: Input Validation

Q: What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2020-4667.

Q: What is the severity rating of CVE-2020-4667?

The severity rating of CVE-2020-4667 is medium.

Q: What is the affected software?

The affected software is IBM Engineering Requirements Quality Assistant On-Premises.

Q: How can an authenticated user exploit this vulnerability?

An authenticated user can exploit this vulnerability to obtain sensitive information.

Q: Where can I find more information about this vulnerability?

You can find more information about this vulnerability at the following links: [IBM X-Force ID: 186282](https://exchange.xforce.ibmcloud.com/vulnerabilities/186282) and [IBM Support](https://www.ibm.com/support/pages/node/6398724).

Published Jan 7, 2021

Updated

IBM Engineering Requirements Quality Assistant could allow an authenticated user to obtain sensitive information due to improper input validation.

Other sources

IBM Engineering Requirements Quality Assistant On-Premises could allow an authenticated user to obtain sensitive information due to improper input validation. IBM X-Force ID: 186282.

Affected Software

2 affected components

IBM Engineering Requirements Quality Assistant On-Premises<=All

IBM Engineering Requirements Quality Assistant On-Premises

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6398724

Event History

Jan 7, 2021

CVE Published

via IBM·12:00 AM

Jan 8, 2021

CVE Published

via MITRE·02:45 PM

Data Sourced

via MITRE·02:45 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6398724

Frequently Asked Questions

What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2020-4667.

What is the severity rating of CVE-2020-4667?