{"containers":{"cna":{"affected":[{"product":"Rational Collaborative Lifecycle Management","vendor":"IBM","versions":[{"status":"affected","version":"6.0"},{"status":"affected","version":"6.0.1"},{"status":"affected","version":"6.0.2"},{"status":"affected","version":"6.0.3"},{"status":"affected","version":"6.0.4"},{"status":"affected","version":"6.0.5"},{"status":"affected","version":"6.0.6"},{"status":"affected","version":"6.0.6.1"}]}],"datePublic":"2019-06-25T00:00:00.000Z","descriptions":[{"lang":"en","value":"IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","exploitCodeMaturity":"UNPROVEN","integrityImpact":"NONE","privilegesRequired":"LOW","remediationLevel":"OFFICIAL_FIX","reportConfidence":"CONFIRMED","scope":"UNCHANGED","temporalScore":3.8,"temporalSeverity":"LOW","userInteraction":"NONE","vectorString":"CVSS:3.0/UI:N/AV:N/PR:L/S:U/I:N/C:L/AC:L/A:N/RC:C/E:U/RL:O","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"Obtain Information","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2019-06-27T13:45:29.000Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://www.ibm.com/support/docview.wss?uid=ibm10956525"},{"name":"ibm-jazz-cve20194084-info-disc (157384)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/157384"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@us.ibm.com","DATE_PUBLIC":"2019-06-25T00:00:00","ID":"CVE-2019-4084","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Rational Collaborative Lifecycle Management","version":{"version_data":[{"version_value":"6.0"},{"version_value":"6.0.1"},{"version_value":"6.0.2"},{"version_value":"6.0.3"},{"version_value":"6.0.4"},{"version_value":"6.0.5"},{"version_value":"6.0.6"},{"version_value":"6.0.6.1"}]}}]},"vendor_name":"IBM"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384."}]},"impact":{"cvssv3":{"BM":{"A":"N","AC":"L","AV":"N","C":"L","I":"N","PR":"L","S":"U","UI":"N"},"TM":{"E":"U","RC":"C","RL":"O"}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Obtain Information"}]}]},"references":{"reference_data":[{"name":"http://www.ibm.com/support/docview.wss?uid=ibm10956525","refsource":"CONFIRM","title":"IBM Security Bulletin 0956525 (Rational Collaborative Lifecycle Management)","url":"http://www.ibm.com/support/docview.wss?uid=ibm10956525"},{"name":"ibm-jazz-cve20194084-info-disc (157384)","refsource":"XF","title":"X-Force Vulnerability Report","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/157384"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T19:26:28.010Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=ibm10956525"},{"name":"ibm-jazz-cve20194084-info-disc (157384)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/157384"}]}]},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2019-4084","datePublished":"2019-06-27T13:45:29.805Z","dateReserved":"2019-01-03T00:00:00.000Z","dateUpdated":"2024-09-16T22:46:44.228Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}