CVE-2019-4603

IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them appear as if they were created by another user. IBM X-Force ID: 168295.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/S:U/I:L/PR:L/C:N/AC:L/UI:N/AV:N/A:N/RC:C/RL:O/E:U
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
ibmrational_quality_manager
6.0.2
ibmrational_quality_manager
6.0.6
ibmrational_quality_manager
6.0.6.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/168295
https://www.ibm.com/support/pages/node/6172629
https://exchange.xforce.ibmcloud.com/vulnerabilities/168295
https://www.ibm.com/support/pages/node/6172629