Improper Access Controls in IBM Jazz for Service Management 1.1.3.20 Allow Unauthorized File Information Retrieval

Improper Access Controls in IBM Jazz for Service Management 1.1.3.20 Allow Unauthorized File Information Retrieval

CVE-2023-46186 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929.

Learn more about our User Device Pen Test.