{"containers":{"cna":{"affected":[{"product":"Rational Quality Manager","vendor":"IBM","versions":[{"status":"affected","version":"6.0.2"},{"status":"affected","version":"6.0.6"},{"status":"affected","version":"6.0.6.1"}]}],"datePublic":"2020-04-07T00:00:00.000Z","descriptions":[{"lang":"en","value":"IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them appear as if they were created by another user. IBM X-Force ID: 168295."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","exploitCodeMaturity":"UNPROVEN","integrityImpact":"LOW","privilegesRequired":"LOW","remediationLevel":"OFFICIAL_FIX","reportConfidence":"CONFIRMED","scope":"UNCHANGED","temporalScore":3.8,"temporalSeverity":"LOW","userInteraction":"NONE","vectorString":"CVSS:3.0/S:U/I:L/PR:L/C:N/AC:L/UI:N/AV:N/A:N/RC:C/RL:O/E:U","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"Data Manipulation","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-04-08T14:05:42.000Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.ibm.com/support/pages/node/6172629"},{"name":"ibm-rqm-cve20194603-spoofing (168295)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/168295"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@us.ibm.com","DATE_PUBLIC":"2020-04-07T00:00:00","ID":"CVE-2019-4603","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Rational Quality Manager","version":{"version_data":[{"version_value":"6.0.2"},{"version_value":"6.0.6"},{"version_value":"6.0.6.1"}]}}]},"vendor_name":"IBM"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them appear as if they were created by another user. IBM X-Force ID: 168295."}]},"impact":{"cvssv3":{"BM":{"A":"N","AC":"L","AV":"N","C":"N","I":"L","PR":"L","S":"U","UI":"N"},"TM":{"E":"U","RC":"C","RL":"O"}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Data Manipulation"}]}]},"references":{"reference_data":[{"name":"https://www.ibm.com/support/pages/node/6172629","refsource":"CONFIRM","title":"IBM Security Bulletin 6172629 (Rational Quality Manager)","url":"https://www.ibm.com/support/pages/node/6172629"},{"name":"ibm-rqm-cve20194603-spoofing (168295)","refsource":"XF","title":"X-Force Vulnerability Report","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/168295"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T19:40:48.442Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.ibm.com/support/pages/node/6172629"},{"name":"ibm-rqm-cve20194603-spoofing (168295)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/168295"}]}]},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2019-4603","datePublished":"2020-04-08T14:05:42.274Z","dateReserved":"2019-01-03T00:00:00.000Z","dateUpdated":"2024-09-17T00:37:11.211Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}