How severe is CVE-2019-4252?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm Rational Collaborative Lifecycle Management

CVE-2019-4252

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view a…

EPSS: 0.006 (70.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/A:N/AC:L/S:U/I:N/C:H/PR:L/AV:N/UI:N/RC:C/E:U/RL:O.

Affected products

Ibm Rational Collaborative Lifecycle Management — versions 6.0, 6.0.1, 6.0.2

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-rtc-cve20194252-info-disc (159883) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2019-4252?: CVE-2019-4252 is a medium-severity vulnerability in Ibm Rational Collaborative Lifecycle Management. CVSS score: 6.5/10. Published 2019-06-27.
How severe is CVE-2019-4252?: Medium severity. CVSS v3 base score is 6.5 out of 10.