Vulnerabilites related to ibm - rational_requirements_composer
CVE-2017-1338 (GCVE-0-2017-1338)
Vulnerability from cvelistv5
Published
2017-08-18 15:00
Modified
2024-09-16 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | IBM | Rational DOORS Next Generation |
Version: 5.0.2 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100353",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100353"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126246"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.2"
}
]
},
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-19T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "100353",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100353"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126246"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-14T00:00:00",
"ID": "CVE-2017-1338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "5.0.2"
}
]
}
},
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100353",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100353"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126246",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126246"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22004138",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1338",
"datePublished": "2017-08-18T15:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T22:24:50.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1529 (GCVE-0-2018-1529)
Vulnerability from cvelistv5
Published
2018-07-19 14:00
Modified
2024-08-05 04:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:07:43.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104928",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10717531"
},
{
"name": "ibm-dng-cve20181529-xss(142291)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142291"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-01T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "104928",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10717531"
},
{
"name": "ibm-dng-cve20181529-xss(142291)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142291"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2018-1529",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104928"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10717531",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10717531"
},
{
"name": "ibm-dng-cve20181529-xss(142291)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142291"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1529",
"datePublished": "2018-07-19T14:00:00",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-08-05T04:07:43.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6129 (GCVE-0-2014-6129)
Vulnerability from cvelistv5
Published
2015-03-18 10:00
Modified
2024-08-06 12:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:11.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-18T07:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6129",
"datePublished": "2015-03-18T10:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:10:11.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3036 (GCVE-0-2013-3036)
Vulnerability from cvelistv5
Published
2013-09-12 01:00
Modified
2024-08-06 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:08.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "rrc-cve20133036-url-spoofing(84688)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84688"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "rrc-cve20133036-url-spoofing(84688)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84688"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "rrc-cve20133036-url-spoofing(84688)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84688"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3036",
"datePublished": "2013-09-12T01:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T16:00:08.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0845 (GCVE-0-2014-0845)
Vulnerability from cvelistv5
Published
2014-03-04 22:00
Modified
2024-08-06 09:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:20.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140845-redirect(90719)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90719"
},
{
"name": "65916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140845-redirect(90719)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90719"
},
{
"name": "65916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65916"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140845-redirect(90719)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90719"
},
{
"name": "65916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65916"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0845",
"datePublished": "2014-03-04T22:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:27:20.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5404 (GCVE-0-2013-5404)
Vulnerability from cvelistv5
Published
2013-12-10 19:00
Modified
2024-08-06 17:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "rqm-cve20135404-search-xss(87318)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653689"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "rqm-cve20135404-search-xss(87318)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653689"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "rqm-cve20135404-search-xss(87318)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87318"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21653689",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653689"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-5404",
"datePublished": "2013-12-10T19:00:00",
"dateReserved": "2013-08-22T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1928 (GCVE-0-2015-1928)
Vulnerability from cvelistv5
Published
2016-01-02 21:00
Modified
2024-08-06 05:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:41.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034568",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034568"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200"
},
{
"name": "1034566",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034566"
},
{
"name": "1034565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034565"
},
{
"name": "1034567",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034567"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1034568",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034568"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200"
},
{
"name": "1034566",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034566"
},
{
"name": "1034565",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034565"
},
{
"name": "1034567",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034567"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034568",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034568"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200"
},
{
"name": "1034566",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034566"
},
{
"name": "1034565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034565"
},
{
"name": "1034567",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034567"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1928",
"datePublished": "2016-01-02T21:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:41.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6131 (GCVE-0-2014-6131)
Vulnerability from cvelistv5
Published
2015-03-18 10:00
Modified
2024-08-06 12:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:12.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-18T07:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6131",
"datePublished": "2015-03-18T10:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:10:12.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1247 (GCVE-0-2017-1247)
Vulnerability from cvelistv5
Published
2017-06-12 19:00
Modified
2024-08-05 13:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | IBM | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 Version: 6.0.3 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124627"
},
{
"name": "99002",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
},
{
"product": "Rational DOORS Next Generation ",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.2"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-13T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124627"
},
{
"name": "99002",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
},
{
"product_name": "Rational DOORS Next Generation ",
"version": {
"version_data": [
{
"version_value": "5.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124627",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124627"
},
{
"name": "99002",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99002"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002809",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1247",
"datePublished": "2017-06-12T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3038 (GCVE-0-2013-3038)
Vulnerability from cvelistv5
Published
2013-09-12 01:00
Modified
2024-08-06 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:08.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "rrc-cve20133038-weak-security(84708)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "rrc-cve20133038-weak-security(84708)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "rrc-cve20133038-weak-security(84708)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84708"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3038",
"datePublished": "2013-09-12T01:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T16:00:08.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0132 (GCVE-0-2015-0132)
Vulnerability from cvelistv5
Published
2015-03-18 10:00
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:09.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-18T01:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21698248",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0132",
"datePublished": "2015-03-18T10:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:09.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0125 (GCVE-0-2015-0125)
Vulnerability from cvelistv5
Published
2015-03-18 10:00
Modified
2024-08-06 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:55:28.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697297"
},
{
"name": "73105",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73105"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697297"
},
{
"name": "73105",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73105"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21697297",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697297"
},
{
"name": "73105",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73105"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0125",
"datePublished": "2015-03-18T10:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T03:55:28.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7449 (GCVE-0-2015-7449)
Vulnerability from cvelistv5
Published
2018-03-20 21:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:27.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985143"
},
{
"name": "ibm-jazz-cve20157449-info-disc(108221)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108221"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-20T20:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985143"
},
{
"name": "ibm-jazz-cve20157449-info-disc(108221)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108221"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985143",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985143"
},
{
"name": "ibm-jazz-cve20157449-info-disc(108221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108221"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-7449",
"datePublished": "2018-03-20T21:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:27.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3092 (GCVE-0-2014-3092)
Vulnerability from cvelistv5
Published
2014-09-12 01:00
Modified
2024-08-06 10:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682787"
},
{
"name": "ibm-rclm-cve20143092-cookie(94258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682787"
},
{
"name": "ibm-rclm-cve20143092-cookie(94258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682787",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682787"
},
{
"name": "ibm-rclm-cve20143092-cookie(94258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3092",
"datePublished": "2014-09-12T01:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:35:55.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9748 (GCVE-0-2016-9748)
Vulnerability from cvelistv5
Published
2017-02-08 19:00
Modified
2024-08-06 02:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 5.0.2 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21991461",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96074"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9748",
"datePublished": "2017-02-08T19:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-06T02:59:03.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3039 (GCVE-0-2013-3039)
Vulnerability from cvelistv5
Published
2013-09-12 01:00
Modified
2024-08-06 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"name": "rrc-cve20133039-weak-security(84709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84709"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"name": "rrc-cve20133039-weak-security(84709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84709"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"name": "rrc-cve20133039-weak-security(84709)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84709"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3039",
"datePublished": "2013-09-12T01:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1128 (GCVE-0-2017-1128)
Vulnerability from cvelistv5
Published
2017-02-08 19:00
Modified
2024-08-05 13:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 5.0.2 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96017"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996645",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1128",
"datePublished": "2017-02-08T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0121 (GCVE-0-2015-0121)
Vulnerability from cvelistv5
Published
2015-05-30 19:00
Modified
2024-08-06 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:55:28.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761"
},
{
"name": "74910",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761"
},
{
"name": "74910",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761"
},
{
"name": "74910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0121",
"datePublished": "2015-05-30T19:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T03:55:28.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1278 (GCVE-0-2017-1278)
Vulnerability from cvelistv5
Published
2017-06-12 19:00
Modified
2024-08-05 13:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | IBM | Rational DOORS Next Generation |
Version: 5.0.2 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:27.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124756"
},
{
"name": "98994",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation ",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.2"
}
]
},
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim\u0027s Web browser within the security context of the hosting site. IBM X-Force ID: 124756."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-13T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124756"
},
{
"name": "98994",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation ",
"version": {
"version_data": [
{
"version_value": "5.0.2"
}
]
}
},
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim\u0027s Web browser within the security context of the hosting site. IBM X-Force ID: 124756."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002809",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124756",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124756"
},
{
"name": "98994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1278",
"datePublished": "2017-06-12T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:32:27.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0112 (GCVE-0-2015-0112)
Vulnerability from cvelistv5
Published
2015-06-07 18:00
Modified
2024-08-06 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:55:28.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21957763",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0112",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T03:55:28.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7471 (GCVE-0-2015-7471)
Vulnerability from cvelistv5
Published
2018-03-15 22:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote authenticated users with project administrator privileges to inject arbitrary web script or HTML via a crafted project. IBM X-Force ID: 108429.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:27.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-rtc-cve20157471-html-injection(108429)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote authenticated users with project administrator privileges to inject arbitrary web script or HTML via a crafted project. IBM X-Force ID: 108429."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-rtc-cve20157471-html-injection(108429)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7471",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote authenticated users with project administrator privileges to inject arbitrary web script or HTML via a crafted project. IBM X-Force ID: 108429."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-rtc-cve20157471-html-injection(108429)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-7471",
"datePublished": "2018-03-15T22:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:27.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1127 (GCVE-0-2017-1127)
Vulnerability from cvelistv5
Published
2017-02-08 19:00
Modified
2024-08-05 13:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 5.0.2 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96019",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96019",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96019"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996645",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1127",
"datePublished": "2017-02-08T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0219 (GCVE-0-2016-0219)
Vulnerability from cvelistv5
Published
2018-01-16 19:00
Modified
2024-08-05 22:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:08:13.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-rtc-cve20160219-dos(109693)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-16T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-rtc-cve20160219-dos(109693)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-rtc-cve20160219-dos(109693)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-0219",
"datePublished": "2018-01-16T19:00:00",
"dateReserved": "2015-12-08T00:00:00",
"dateUpdated": "2024-08-05T22:08:13.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4946 (GCVE-0-2015-4946)
Vulnerability from cvelistv5
Published
2016-01-03 02:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 allows local users to bypass intended access restrictions via unspecified vectors.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 allows local users to bypass intended access restrictions via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-01-03T04:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-4946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 allows local users to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-4946",
"datePublished": "2016-01-03T02:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1971 (GCVE-0-2015-1971)
Vulnerability from cvelistv5
Published
2016-01-03 00:00
Modified
2024-08-06 05:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:42.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971164"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-01-02T23:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971164"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21971164",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971164"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1971",
"datePublished": "2016-01-03T00:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T05:02:42.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0846 (GCVE-0-2014-0846)
Vulnerability from cvelistv5
Published
2014-03-04 22:00
Modified
2024-08-06 09:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:20.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140846-xss(90720)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90720"
},
{
"name": "65917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65917"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140846-xss(90720)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90720"
},
{
"name": "65917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65917"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140846-xss(90720)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90720"
},
{
"name": "65917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65917"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0846",
"datePublished": "2014-03-04T22:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:27:20.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0113 (GCVE-0-2015-0113)
Vulnerability from cvelistv5
Published
2015-04-27 01:00
Modified
2024-08-06 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:55:28.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882770"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-27T01:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21882770",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0113",
"datePublished": "2015-04-27T01:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T03:55:28.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7440 (GCVE-0-2015-7440)
Vulnerability from cvelistv5
Published
2018-03-15 22:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:27.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-jazz-cve20157440-priv-escalation(108098)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-jazz-cve20157440-priv-escalation(108098)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-jazz-cve20157440-priv-escalation(108098)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-7440",
"datePublished": "2018-03-15T22:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:27.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1790 (GCVE-0-2017-1790)
Vulnerability from cvelistv5
Published
2018-04-12 15:00
Modified
2024-09-16 19:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137035.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Rational DOORS Next Generation |
Version: 5.0.2 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 Version: 6.0.3 Version: 6.0.4 Version: 6.0.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:32.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012660"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
}
]
}
],
"datePublic": "2018-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137035."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012660"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-04-10T00:00:00",
"ID": "CVE-2017-1790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "5.0.2"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.5"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137035."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137035",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137035"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22012660",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012660"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1790",
"datePublished": "2018-04-12T15:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T19:24:52.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6055 (GCVE-0-2016-6055)
Vulnerability from cvelistv5
Published
2017-02-23 16:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 5.0.2 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 Version: 6.0.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:19.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-23T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995515",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6055",
"datePublished": "2017-02-23T16:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:19.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1546 (GCVE-0-2017-1546)
Vulnerability from cvelistv5
Published
2017-12-13 18:00
Modified
2024-09-17 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | IBM | Rational DOORS Next Generation |
Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 Version: 6.0.3 Version: 6.0.4 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101895",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101895"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130915"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
}
]
},
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.2"
}
]
}
],
"datePublic": "2017-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-14T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "101895",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101895"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130915"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010321"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-11-16T00:00:00",
"ID": "CVE-2017-1546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.4"
}
]
}
},
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "5.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101895"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130915",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130915"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22010321",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010321"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1546",
"datePublished": "2017-12-13T18:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-17T01:36:14.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7453 (GCVE-0-2015-7453)
Vulnerability from cvelistv5
Published
2018-03-15 22:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108296.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:27.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-jazz-cve20157453-xss(108296)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108296."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T21:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-jazz-cve20157453-xss(108296)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108296"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108296."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"name": "ibm-jazz-cve20157453-xss(108296)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-7453",
"datePublished": "2018-03-15T22:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:27.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0844 (GCVE-0-2014-0844)
Vulnerability from cvelistv5
Published
2014-03-04 22:00
Modified
2024-08-06 09:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:20.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140844-retrieval(90718)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90718"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140844-retrieval(90718)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90718"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"name": "ibm-rrc-cve20140844-retrieval(90718)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90718"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0844",
"datePublished": "2014-03-04T22:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:27:20.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6060 (GCVE-0-2016-6060)
Vulnerability from cvelistv5
Published
2017-02-15 19:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 5.0.2 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 Version: 6.0.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-15T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995547",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6060",
"datePublished": "2017-02-15T19:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4962 (GCVE-0-2015-4962)
Vulnerability from cvelistv5
Published
2016-01-03 02:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-01-03T04:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-4962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-4962",
"datePublished": "2016-01-03T02:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0130 (GCVE-0-2015-0130)
Vulnerability from cvelistv5
Published
2015-07-20 01:00
Modified
2024-08-06 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:55:28.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-07-20T00:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0130",
"datePublished": "2015-07-20T01:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T03:55:28.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3037 (GCVE-0-2013-3037)
Vulnerability from cvelistv5
Published
2013-09-12 01:00
Modified
2024-08-06 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"name": "rrc-cve20133037-priv-esc(84689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84689"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"name": "rrc-cve20133037-priv-esc(84689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84689"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"name": "rrc-cve20133037-priv-esc(84689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84689"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3037",
"datePublished": "2013-09-12T01:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1276 (GCVE-0-2017-1276)
Vulnerability from cvelistv5
Published
2017-06-12 19:00
Modified
2024-08-05 13:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | IBM | Rational DOORS Next Generation |
Version: 4.0.1 Version: 4.0.5 Version: 4.0.2 Version: 4.0.3 Version: 4.0.4 Version: 4.0.6 Version: 4.0.7 Version: 5.0 Version: 5.0.1 Version: 6.0 Version: 6.0.1 Version: 6.0.2 Version: 6.0.3 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"name": "99000",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99000"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
},
{
"product": "Rational DOORS Next Generation ",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.2"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-13T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"name": "99000",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99000"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
},
{
"product_name": "Rational DOORS Next Generation ",
"version": {
"version_data": [
{
"version_value": "5.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002809",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"name": "99000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99000"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124751",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1276",
"datePublished": "2017-06-12T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2014-03-04 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 4.0.0 | |
| ibm | rational_doors_next_generation | 4.0.1 | |
| ibm | rational_doors_next_generation | 4.0.2 | |
| ibm | rational_doors_next_generation | 4.0.3 | |
| ibm | rational_doors_next_generation | 4.0.4 | |
| ibm | rational_doors_next_generation | 4.0.5 | |
| ibm | rational_requirements_composer | 3.0.1 | |
| ibm | rational_requirements_composer | 3.0.1.1 | |
| ibm | rational_requirements_composer | 3.0.1.2 | |
| ibm | rational_requirements_composer | 3.0.1.3 | |
| ibm | rational_requirements_composer | 3.0.1.4 | |
| ibm | rational_requirements_composer | 3.0.1.5 | |
| ibm | rational_requirements_composer | 3.0.1.6 | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.0.1 | |
| ibm | rational_requirements_composer | 4.0.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en IBM Rational Requirements Composer 3.x anterior a 3.0.1.6 iFix2 y 4.x anterior a 4.0.6 y Rational DOORS Next Generation 4.x anterior a 4.0.6 permite a usuarios remotos autenticados inyectar script Web o HTML arbitrarios a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2014-0846",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-04T22:55:03.337",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/65917"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90720"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-04 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | 3.0.1 | |
| ibm | rational_requirements_composer | 3.0.1.1 | |
| ibm | rational_requirements_composer | 3.0.1.2 | |
| ibm | rational_requirements_composer | 3.0.1.3 | |
| ibm | rational_requirements_composer | 3.0.1.4 | |
| ibm | rational_requirements_composer | 3.0.1.5 | |
| ibm | rational_requirements_composer | 3.0.1.6 | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.0.1 | |
| ibm | rational_requirements_composer | 4.0.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_doors_next_generation | 4.0.0 | |
| ibm | rational_doors_next_generation | 4.0.1 | |
| ibm | rational_doors_next_generation | 4.0.2 | |
| ibm | rational_doors_next_generation | 4.0.3 | |
| ibm | rational_doors_next_generation | 4.0.4 | |
| ibm | rational_doors_next_generation | 4.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n abierta en IBM Rational Requirements Composer 3.x anterior a 3.0.1.6 iFix2 y 4.x anterior a 4.0.6 y Rational DOORS Next Generation 4.x anterior a 4.0.6 permite a usuarios remotos autenticados redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2014-0845",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-04T22:55:03.320",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/65916"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90719"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-20 21:29
Modified
2024-11-21 02:36
Severity ?
Summary
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21985143 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/108221 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21985143 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/108221 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E92B99E0-113A-4CA9-822E-1F39D6744E13",
"versionEndIncluding": "6.0.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92A37B81-7F7D-4942-8FAB-CDAAAA00C524",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F871EF36-B640-42B3-AC50-DFD707E53953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED82318-CB9F-4EC4-BABF-1F473B3AA799",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F0FEE7-6D74-494E-9081-D4942FE17CEB",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBEB328-08B8-41ED-8D80-748948CB2BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "380BB05E-6ADE-4A45-897D-9AA16E3408D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7063EE3-2DAD-40B5-B2EE-3DD5772460FF",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA43F972-8B12-4AE8-92EA-10B5CCE8145E",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA536CF-BF5F-42F1-8F7A-7850E4AC9319",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5419531-869F-4389-AF72-18F6E0DF3CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08EEA77B-8151-407C-A840-6E2334FF962B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F242460-F1F6-4D37-8817-4F6040FB5F5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19611ED3-74F3-4124-A334-09A66A9274A9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6B3E2B-B33D-4FB4-A8CF-0D3C781B371E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2214FC95-71C7-4EB5-B924-9626D663E8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EF978C93-8747-416A-890B-09575EF0BA13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9DA362-C185-4467-B0BC-20703EAE5D69",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EED534E3-80EF-40AF-927A-20D59DA7B045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4BC069-34DB-4B2F-BD6C-494BEEEF65AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "543CFD7E-E204-436E-A88E-212A368F7AB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221."
},
{
"lang": "es",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Quality Manager (RQM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Team Concert (RTC) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Requirements Composer (RRC) en versiones 4.0.x anteriores a la 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6 y versiones 4.0.7 anteriores a iFix1, versiones 5.0.x anteriores a la 5.0.2 iFix1 y versiones 6.0.x anteriores a la 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y en versiones 6.0.2 anteriores a iFix2 podr\u00edan permitir que los usuarios locales obtengan informaci\u00f3n sensible aprovechando el cifrado d\u00e9bil. IBM X-Force ID: 108221."
}
],
"id": "CVE-2015-7449",
"lastModified": "2024-11-21T02:36:48.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-20T21:29:00.827",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985143"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108221"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-30 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation."
},
{
"lang": "es",
"value": "IBM Rational Requirements Composer 3.0 hasta 3.0.1.6 y 4.0 hasta 4.0.7 y Rational DOORS Next Generation (RDNG) 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2, cuando el \u0027Single Sign On\u0027 de LTPA est\u00e1 utilizado con WebSphere Application Server, no terminan una sesi\u00f3n de Requirements Management (RM) cuando caduca el token LTPA, lo que permite a atacantes remotos obtener el acceso mediante el aprovechamiento de una estaci\u00f3n de trabajo desatendida."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/613.html\"\u003eCWE-613: Insufficient Session Expiration\u003c/a\u003e",
"id": "CVE-2015-0121",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-30T19:59:00.083",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/74910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74910"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-13 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22010321 | Issue Tracking, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/101895 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/130915 | Broken Link, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22010321 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101895 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/130915 | Broken Link, VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 6.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_doors_next_generation | 6.0.3 | |
| ibm | rational_doors_next_generation | 6.0.4 | |
| ibm | rational_requirements_composer | 4.0 | |
| ibm | rational_requirements_composer | 4.0.7 | |
| ibm | rational_requirements_composer | 5.0 | |
| ibm | rational_requirements_composer | 5.0.1 | |
| ibm | rational_requirements_composer | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "141B7F93-4A02-4A60-94F1-A6D9A80A4889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27404EC5-26B2-490E-8211-09783FEF084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6A158959-BD73-40D2-BB26-537D8ACBF7A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "638AED13-42EE-4CAE-A891-8E8F27BDCF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93778FE9-8ED2-471D-BEC8-EF7D7E5AFC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F403652E-333E-4828-A3A6-FED1DF447AA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915."
},
{
"lang": "es",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podr\u00eda dar lugar a una revelaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM X-Force ID: 130915."
}
],
"id": "CVE-2017-1546",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-13T18:29:00.283",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010321"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101895"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130915"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-12 15:29
Modified
2024-11-21 03:22
Severity ?
Summary
IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137035.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22012660 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/137035 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22012660 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/137035 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | 5.0 | |
| ibm | rational_requirements_composer | 5.0.1 | |
| ibm | rational_requirements_composer | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_doors_next_generation | 6.0.3 | |
| ibm | rational_doors_next_generation | 6.0.4 | |
| ibm | rational_doors_next_generation | 6.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "638AED13-42EE-4CAE-A891-8E8F27BDCF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93778FE9-8ED2-471D-BEC8-EF7D7E5AFC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F403652E-333E-4828-A3A6-FED1DF447AA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27404EC5-26B2-490E-8211-09783FEF084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6A158959-BD73-40D2-BB26-537D8ACBF7A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "52C026ED-A008-475D-A2E6-C663E6B760FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137035."
},
{
"lang": "es",
"value": "IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1 y 5.0.2 y desde la versi\u00f3n 6.0 hasta la 6.0.5 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podr\u00eda dar lugar a una revelaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM X-Force ID: 137035."
}
],
"id": "CVE-2017-1790",
"lastModified": "2024-11-21T03:22:22.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-12T15:29:00.473",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012660"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137035"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-15 22:29
Modified
2024-11-21 02:36
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote authenticated users with project administrator privileges to inject arbitrary web script or HTML via a crafted project. IBM X-Force ID: 108429.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/108429 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/108429 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5103D1D-DC6C-40CE-8092-5102E8F10A6E",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "3.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF02561-E60D-4577-B4AB-D2085B3599F1",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1C422A-3D5F-48B1-BC6E-954D1AFA34F9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569ED1E-D61E-4F97-825B-2B20A1C03319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748629D9-94EA-4A8C-84D9-16AD00442C05",
"versionEndIncluding": "3.0.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CDEB94-002E-479A-A055-F3FD38D3AE41",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5C385D-6C5B-4D5E-8628-6D80E8E54403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C054AA-DA70-431C-A410-01671854C0D0",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE640E-7342-44B0-8C02-97EE71ECAD91",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B3D3092-A570-45DE-9CD4-72E01787D189",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA536CF-BF5F-42F1-8F7A-7850E4AC9319",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61CE7D3E-BF02-44DA-ADAE-5CB0E22492AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19611ED3-74F3-4124-A334-09A66A9274A9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D29F101-F08E-42A1-B7F2-1BD982F81221",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9800CBFC-3169-42CA-BB36-22C34F222FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote authenticated users with project administrator privileges to inject arbitrary web script or HTML via a crafted project. IBM X-Force ID: 108429."
},
{
"lang": "es",
"value": "Vulnerabilidad Cross-Site Scripting (XSS) en IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x anteriores a 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6 y 4.0.7 anteriores a iFix10, 5.0.x anteriores a 5.0.2 iFix1 y 6.0.x anteriores a 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4 permiten que los usuarios autenticados remotos con privilegios de administrador del proyecto inyecten scripts web o HTML arbitrarios mediante un proyecto manipulado. IBM X-Force ID: 108429."
}
],
"id": "CVE-2015-7471",
"lastModified": "2024-11-21T02:36:51.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-15T22:29:00.433",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108429"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:28
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | * | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9442F575-4411-4900-90E8-3AA00F9B2329",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en IBM Rational Requirements Composer anterior a 4.0.4 facilita a atacantes remotos descubrir credenciales a trav\u00e9s de vectores desconocidos"
}
],
"id": "CVE-2013-3038",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-12T13:28:31.987",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84708"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-03 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 allows local users to bypass intended access restrictions via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B30003D-1BF8-414D-9D6D-9D1B90D4EBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B5AC6B-5DCB-458C-8267-6AF5CC9C3E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B08EF876-5D00-45DC-A724-D2496854D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E997305-EC48-42C4-9408-EE622818BA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF445BA2-BD53-43FB-BF1E-58510FC4FF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA18DE5C-904D-4FD0-A479-18314B170ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "890ABCC2-F417-4E6E-A0A8-7D485FAE3FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5C2251-FB5D-4775-BDB8-6115732E6615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB05DAD7-F6DB-4441-B9D4-BD0F1BD1DF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89BE9040-CC37-495C-A05B-FC3DFBC02DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B450B35-5169-4B41-B928-0F22DF55A28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 allows local users to bypass intended access restrictions via unspecified vectors."
},
{
"lang": "es",
"value": "Rational LifeCycle Project Administration en Jazz Team Server en IBM Rational Collaborative Lifecycle Management (CLM) 3.x y 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Quality Manager (RQM) 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Team Concert (RTC) 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Requirements Composer (RRC) 3.x en versiones anteriores a 3.0.1.6 IF7 y 4.x en versiones anteriores a 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x hasta la versi\u00f3n 4.0.7, 5.x hasta la versi\u00f3n 5.0.2 y 6.x en versiones anteriores a 6.0.1; Rational Rhapsody Design Manager (DM) 4.x hasta la versi\u00f3n 4.0.7, 5.x hasta la versi\u00f3n 5.0.2 y 6.x en versiones anteriores a 6.0.1; y Rational Software Architect Design Manager (DM) 4.x hasta la versi\u00f3n 4.0.7, 5.x hasta la versi\u00f3n 5.0.2 y 6.x en versiones anteriores a 6.0.1 permite a usuarios locales eludir las restricciones de acceso previstas a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-4946",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-03T05:59:00.117",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-03 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF445BA2-BD53-43FB-BF1E-58510FC4FF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA18DE5C-904D-4FD0-A479-18314B170ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "890ABCC2-F417-4E6E-A0A8-7D485FAE3FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B30003D-1BF8-414D-9D6D-9D1B90D4EBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B5AC6B-5DCB-458C-8267-6AF5CC9C3E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5C2251-FB5D-4775-BDB8-6115732E6615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB05DAD7-F6DB-4441-B9D4-BD0F1BD1DF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89BE9040-CC37-495C-A05B-FC3DFBC02DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B450B35-5169-4B41-B928-0F22DF55A28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B08EF876-5D00-45DC-A724-D2496854D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E997305-EC48-42C4-9408-EE622818BA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Jazz Team Server en Jazz Foundation en IBM Rational Collaborative Lifecycle Management (CLM) 3.x y 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Quality Manager (RQM) 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Team Concert (RTC) 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Requirements Composer (RRC) 3.x en versiones anteriores a 3.0.1.6 IF7 y 4.x en versiones anteriores a 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF9 y 6.x en versiones anteriores a 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x hasta la versi\u00f3n 4.0.7, 5.x hasta la versi\u00f3n 5.0.2 y 6.x en versiones anteriores a 6.0.1; Rational Rhapsody Design Manager (DM) 4.x hasta la versi\u00f3n 4.0.7, 5.x hasta la versi\u00f3n 5.0.2 y 6.x en versiones anteriores a 6.0.1; y Rational Software Architect Design Manager (DM) 4.x hasta la versi\u00f3n 4.0.7, 5.x hasta la versi\u00f3n 5.0.2 y 6.x en versiones anteriores a 6.0.1 utiliza permisos d\u00e9biles para \u00e1reas de proyecto no especificadas, lo que permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-4962",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-03T05:59:01.430",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973404"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-12 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22002809 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/98994 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/124756 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22002809 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98994 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/124756 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_doors_next_generation | 6.0.3 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27404EC5-26B2-490E-8211-09783FEF084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim\u0027s Web browser within the security context of the hosting site. IBM X-Force ID: 124756."
},
{
"lang": "es",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a la inyecci\u00f3n de c\u00f3digo HTML. Un atacante remoto podr\u00eda inyectar c\u00f3digo HTML malicioso, el que cuando se vea, se ejecutar\u00eda en el navegador de la v\u00edctima dentro de un contexto seguro del sitio. IBM X-Force ID: 124756."
}
],
"id": "CVE-2017-1278",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-12T19:29:00.307",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98994"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124756"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-27 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21882770 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21882770 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC3B8F6-F9D7-454C-B7A2-732B6708AF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request."
},
{
"lang": "es",
"value": "El sistema de ayuda de Jazz en IBM Rational Collaborative Lifecycle Management 4.0 hasta 5.0.2, Rational Quality Manager 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2, Rational Team Concert 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2, Rational Requirements Composer 4.0 hasta 4.0.7, Rational DOORS Next Generation 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 hasta 4.0.7 y 5.0 hasta 5.0.2, Rational Rhapsody Design Manager 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2, y Rational Software Architect Design Manager 4.0 hasta 4.0.7 y 5.0 hasta 5.0.2 permite a atacantes remotos leer c\u00f3digo JSP de fuente a trav\u00e9s de una solicitud manipulada."
}
],
"id": "CVE-2015-0113",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-27T11:59:03.280",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882770"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-07 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21957763 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21957763 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0795E4AC-CFB9-447A-BDB0-7C7AA3799CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "528AE2DE-49A1-4E4B-9CF5-A3D0C30E47F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5334F84-3E99-47B7-808F-8BF26A98A755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0629DA-AD85-4FC2-8118-98E8CC94D1A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4166464B-D163-4D94-AF3F-2504E109281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A10011-CED4-45E0-B53E-72DD7B977746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F83E1F8E-8B98-444E-9FE0-AC7CB508829E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B67C8F-9FDF-490B-8173-01CAFE0D79C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "305F6730-1FA4-4256-9190-653302CDAA9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "42AF422E-1E9B-4A77-A65A-61BF01338554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE7242E-4E09-43F7-BC2D-993465CE324B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0D2BD8-3DD8-4DAD-BDDF-6F5D8C73AA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9F8754-B1A3-4261-B879-8E02FADFE4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84620B49-B887-4A87-A2EF-6E763AB4E9D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0795E4AC-CFB9-447A-BDB0-7C7AA3799CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E54DB-5CB0-4289-B1A7-EA82494A8FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2944B8-BFD1-4184-8E49-69385DD0C0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36FE2858-B570-444A-BEEB-6FF9CD84E394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB05DAD7-F6DB-4441-B9D4-BD0F1BD1DF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89BE9040-CC37-495C-A05B-FC3DFBC02DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC3B8F6-F9D7-454C-B7A2-732B6708AF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2CAB1D-B5AB-42D2-8F35-52C6F64EC0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71816D92-AC01-4F7D-A878-7280175BB422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88D17CA5-2B63-4914-9DBF-5861F69B5238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3B001F-0031-4BED-9A49-B9589EC9E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED8F4-22A6-4945-A21F-0D399BE661F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FA0B68-62BE-45B5-A359-1F922BEA587C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B30003D-1BF8-414D-9D6D-9D1B90D4EBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B5AC6B-5DCB-458C-8267-6AF5CC9C3E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
},
{
"lang": "es",
"value": "Jazz Team Server en Jazz Foundation en Rational Collaborative Lifecycle Management (CLM) de IBM versi\u00f3n 3.0.1, versiones 4.x y anteriores a 4.0.7 IF5 y versiones 5.x y anteriores a 5.0.2 IF4; Rational Quality Manager (RQM) versiones 2.0 hasta 2.0.1, versiones 3.0 hasta 3.0.1.6, versiones 4.0 hasta 4.0.7, y versiones 5.0 hasta 5.0.2; Rational Team Concert (RTC) versiones 2.0 hasta 2.0.0.2, versiones 3.x y anteriores a 3.0.1.6 IF6, versiones 4.x y anteriores a 4.0.7 IF5, y versiones 5.x y anteriores a 5.0.2 IF4; Rational Requirements Composer (RRC) versiones 2.0 hasta 2.0.0.4, versiones 3.x y anteriores a 3.0.1.6 IF6, y versiones 4.0 hasta 4.0.7; Rational DOORS Next Generation (RDNG) versiones 4.x y anteriores a 4.0.7 IF5 y versiones 5.x y anteriores a 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) versiones 1.0 hasta 1.0.0.1, versiones 4.0.3 hasta 4.0.7, y versiones 5.0 hasta 5.0.2; Rational Rhapsody Design Manager (DM) versiones 3.0 hasta 3.0.1, versiones 4.0 hasta 4.0.7, y versiones 5.0 hasta 5.0.2; y Rational Software Architect Design Manager (RSA DM) versiones 3.0 hasta 3.0.1, versiones 4.0 hasta 4.0.7, y versiones 5.0 hasta 5.0.2, permite a los usuarios autenticados remotos leer archivos arbitrarios por medio de una declaraci\u00f3n de tipo XML external entity en conjunto con una referencia de entidad, relacionada con un problema de tipo XML External Entity (XXE)."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e",
"id": "CVE-2015-0112",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-07T18:59:03.470",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957763"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-19 14:29
Modified
2024-11-21 03:59
Severity ?
Summary
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ibm10717531 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/104928 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/142291 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ibm10717531 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104928 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/142291 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | * | |
| ibm | rational_doors_next_generation | * | |
| ibm | rational_doors_next_generation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60103FD4-6E24-43A3-9E28-ED9FC203E245",
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C09499-13C3-4F91-A68D-C8FEB77B18DE",
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130C05BE-0919-4A40-9F1E-C7AB4D718D05",
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291."
},
{
"lang": "es",
"value": "IBM Rational DOORS Next Generation de la versi\u00f3n 5.0 a la 5.0.2, la versi\u00f3n 6.0 hasta la 6.0.5 y IBM Rational Requirements Composer desde la versi\u00f3n 5.0 hasta la 5.0.2 son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podr\u00eda dar lugar a una revelaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM X-Force ID: 142291."
}
],
"id": "CVE-2018-1529",
"lastModified": "2024-11-21T03:59:58.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-19T14:29:00.307",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10717531"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104928"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10717531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142291"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-12 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22002809 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/99002 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/124627 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22002809 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99002 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/124627 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_doors_next_generation | 6.0.3 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27404EC5-26B2-490E-8211-09783FEF084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627."
},
{
"lang": "es",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo Javascript aleatorio en la interfaz Web, lo que alterar\u00e1 la funcionalidad planeada potencialmente llevando a la revelaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. IBM X-Force ID: 124627."
}
],
"id": "CVE-2017-1247",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-12T19:29:00.260",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99002"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124627"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-12 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B30003D-1BF8-414D-9D6D-9D1B90D4EBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B5AC6B-5DCB-458C-8267-6AF5CC9C3E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ECCE2F-893B-496A-AFBE-179A8CC29651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "73B56BB0-7779-4FF5-82A9-A81F9813FD00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "618EDC12-6763-4AD4-9498-5AF28C8DE0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "1A44F378-C41A-4DB5-B1AA-779F7DDE8FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E54DB-5CB0-4289-B1A7-EA82494A8FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2944B8-BFD1-4184-8E49-69385DD0C0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A826A681-A706-4512-B863-1FEABFBCC677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF445BA2-BD53-43FB-BF1E-58510FC4FF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA18DE5C-904D-4FD0-A479-18314B170ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "890ABCC2-F417-4E6E-A0A8-7D485FAE3FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5C2251-FB5D-4775-BDB8-6115732E6615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36FE2858-B570-444A-BEEB-6FF9CD84E394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB05DAD7-F6DB-4441-B9D4-BD0F1BD1DF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89BE9040-CC37-495C-A05B-FC3DFBC02DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC3B8F6-F9D7-454C-B7A2-732B6708AF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session."
},
{
"lang": "es",
"value": "IBM Jazz Team Server, utilizado en Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x anterior a 3.0.1.6 iFix 3, 4.x anterior a 4.0.7, y 5.x anterior a 5.0.1; y otros productos Rational, no configura el indicador de seguridad para la cookie de la sesi\u00f3n en una sesi\u00f3n https, lo que facilita a atacantes remotos capturar esta cookie mediante la intercepci\u00f3n de su transmisi\u00f3n dentro de una sesi\u00f3n http."
}
],
"id": "CVE-2014-3092",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-09-12T01:55:06.810",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682787"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94258"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-08 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21996645 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/96019 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21996645 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96019 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_requirements_composer | 4.0 | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.0.1 | |
| ibm | rational_requirements_composer | 4.0.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "141B7F93-4A02-4A60-94F1-A6D9A80A4889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
},
{
"lang": "es",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz Web alterando as\u00ed la funcionalidad intencionada conduciendo potencialmente a la divulgaci\u00f3n de credenciales en una sesi\u00f3n de confianza."
}
],
"id": "CVE-2017-1127",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-08T19:59:00.340",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96019"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-08 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21996645 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/96017 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21996645 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96017 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_requirements_composer | 4.0 | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.0.1 | |
| ibm | rational_requirements_composer | 4.0.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
},
{
"lang": "es",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz Web alterando as\u00ed la funcionalidad intencionada conduciendo potencialmente a la divulgaci\u00f3n de credenciales en una sesi\u00f3n de confianza."
}
],
"id": "CVE-2017-1128",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-08T19:59:00.357",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96017"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-20 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21960407 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21960407 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad XSS en Jazz Team Server en Jazz Foundation en IBM Rational Collaborative Lifecycle Management (CLM) en la versi\u00f3n 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5; Rational Quality Manager (RQM) 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5; Rational Team Concert (RTC) 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x trav\u00e9s de 4.0.7; y Rational DOORS Next Generation (RDNG) 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5, permite a atacantes remotos inyectar secuencias de comandos o HTML arbitrario por medio de una URL manipulada."
}
],
"id": "CVE-2015-0130",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-07-20T01:59:02.347",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-23 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995515 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995515 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
},
{
"lang": "es",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz web alterando as\u00ed la funcionalidad prevista conduciendo potencialmente a divulgaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM Reference #: 1995515."
}
],
"id": "CVE-2016-6055",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-23T16:59:00.217",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-10 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E54DB-5CB0-4289-B1A7-EA82494A8FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2944B8-BFD1-4184-8E49-69385DD0C0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A826A681-A706-4512-B863-1FEABFBCC677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element."
},
{
"lang": "es",
"value": "Vulenrabilidad Cross-site scripting (XSS) en la aplicaci\u00f3n de b\u00fasqueda en IBM Rational Quality Manager (RQM) 2.0 a 2.0.1.1, 3.0.1.6 3.x antes iFix 1, 4.x antes de 4.0.5, tal como se utiliza en Rational Team Concert, Rational Requirements Composer, y otros productos, permite a usuarios remotos autenticados inyectar web scripts o HTML a trav\u00e9s de vectores relacionados con un elemento IFRAME."
}
],
"id": "CVE-2013-5404",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-12-10T19:55:07.297",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653689"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87318"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:28
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | * | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9442F575-4411-4900-90E8-3AA00F9B2329",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en IBM Rational Requirements Composer anterior a 4.0.4 facilita a atacantes locales escalar privilegios trav\u00e9s de vectores desconocidos"
}
],
"id": "CVE-2013-3037",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-12T13:28:31.933",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84689"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-18 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21698247 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21698247 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9641F4-846F-4FB0-BE40-F30972C87D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2CAB1D-B5AB-42D2-8F35-52C6F64EC0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71816D92-AC01-4F7D-A878-7280175BB422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88D17CA5-2B63-4914-9DBF-5861F69B5238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3B001F-0031-4BED-9A49-B9589EC9E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED8F4-22A6-4945-A21F-0D399BE661F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FA0B68-62BE-45B5-A359-1F922BEA587C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E54DB-5CB0-4289-B1A7-EA82494A8FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2944B8-BFD1-4184-8E49-69385DD0C0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A826A681-A706-4512-B863-1FEABFBCC677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors."
},
{
"lang": "es",
"value": "IBM Rational Jazz Team Server (JTS), utilixado en Rational Collaborative Lifecycle Management 3.x y 4.x y 4.0.7 iFix4 y 5.x anterior a 5.0.2 iFix2; Rational Quality Manager 2.x y 3.x anterior a 3.0.1.6 iFix5, 4.x anterior a 4.0.7 iFix4, y 5.x anterior a 5.0.2 iFix2; Rational Team Concert 2.x y 3.x anterior a 3.0.1.6 iFix5, 4.x anterior a 4.0.7 iFix4, y 5.x anterior a 5.0.2 iFix2; Rational DOORS Next Generation 4.x anterior a 4.0.7 iFix4 y 5.x anterior a 5.0.2 iFix2; Rational Requirements Composer 2.x y 3.x anterior a 3.0.1.6 iFix5; y otros productos, permite a usuarios remotos autenticados leer los paneles de control de usuarios arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-6131",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-18T10:59:01.197",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-02 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF445BA2-BD53-43FB-BF1E-58510FC4FF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA18DE5C-904D-4FD0-A479-18314B170ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "890ABCC2-F417-4E6E-A0A8-7D485FAE3FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B30003D-1BF8-414D-9D6D-9D1B90D4EBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B5AC6B-5DCB-458C-8267-6AF5CC9C3E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E997305-EC48-42C4-9408-EE622818BA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B08EF876-5D00-45DC-A724-D2496854D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5C2251-FB5D-4775-BDB8-6115732E6615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB05DAD7-F6DB-4441-B9D4-BD0F1BD1DF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89BE9040-CC37-495C-A05B-FC3DFBC02DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B450B35-5169-4B41-B928-0F22DF55A28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site."
},
{
"lang": "es",
"value": "Jazz Team Server en Jazz Foundation en IBM Rational Collaborative Lifecycle Management (CLM) 3.x y 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF11 y 6.x en versiones anteriores a 6.0.0 IF4; Rational Quality Manager (RQM) 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF11 y 6.0 en versiones anteriores a 6.0.0 IF4; Rational Team Concert (RTC) 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF11 y 6.0 en versiones anteriores a 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x en versiones anteriores a 3.0.1.6 IF7 y 4.x en versiones anteriores a 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x en versiones anteriores a 4.0.7 IF9, 5.x en versiones anteriores a 5.0.2 IF11 y 6.0 en versiones anteriores a 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 hasta la versi\u00f3n 4.0.7, 5.0 hasta la versi\u00f3n 5.0.2 y 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 hasta la versi\u00f3n 4.0.7, 5.0 hasta la versi\u00f3n 5.0.2 y 6.0.0; y Rational Software Architect Design Manager (DM) 4.0 hasta la versi\u00f3n 4.0.7, 5.0 hasta la versi\u00f3n 5.0.2 y 6.0.0 permite a usuarios remotos autenticados llevar a cabo ataques de secuestro de clic a trav\u00e9s de una p\u00e1gina web manipulada."
}
],
"id": "CVE-2015-1928",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-02T21:59:00.127",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1034565"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1034566"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1034567"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1034568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034568"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:28
Modified
2025-04-11 00:51
Severity ?
Summary
IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | * | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9442F575-4411-4900-90E8-3AA00F9B2329",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors."
},
{
"lang": "es",
"value": "IBM Rational Requirements Composer anterior a v4.0.4 no realiza una autenticaci\u00f3n adecuada, lo cual tiene un impacto no especificado y vectores de ataque remotos."
}
],
"id": "CVE-2013-3039",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-12T13:28:32.060",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84709"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-15 22:29
Modified
2024-11-21 02:36
Severity ?
Summary
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/108098 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/108098 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5103D1D-DC6C-40CE-8092-5102E8F10A6E",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "3.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF02561-E60D-4577-B4AB-D2085B3599F1",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1C422A-3D5F-48B1-BC6E-954D1AFA34F9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569ED1E-D61E-4F97-825B-2B20A1C03319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748629D9-94EA-4A8C-84D9-16AD00442C05",
"versionEndIncluding": "3.0.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CDEB94-002E-479A-A055-F3FD38D3AE41",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5C385D-6C5B-4D5E-8628-6D80E8E54403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C054AA-DA70-431C-A410-01671854C0D0",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE640E-7342-44B0-8C02-97EE71ECAD91",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B3D3092-A570-45DE-9CD4-72E01787D189",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA536CF-BF5F-42F1-8F7A-7850E4AC9319",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61CE7D3E-BF02-44DA-ADAE-5CB0E22492AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19611ED3-74F3-4124-A334-09A66A9274A9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D29F101-F08E-42A1-B7F2-1BD982F81221",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9800CBFC-3169-42CA-BB36-22C34F222FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098."
},
{
"lang": "es",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) en versiones 3.0.1 anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x anteriores a 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6 y 4.0.7 anteriores a iFix10, 5.0.x anteriores a 5.0.2 iFix1 y 6.0.x anteriores a 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4 podr\u00edan permitir que los usuarios locales obtengan privilegios mediante vectores sin especificar. IBM X-Force ID: 108098."
}
],
"id": "CVE-2015-7440",
"lastModified": "2024-11-21T02:36:47.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-15T22:29:00.230",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-12 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22002809 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/99000 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/124751 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22002809 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99000 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/124751 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_doors_next_generation | 6.0.3 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27404EC5-26B2-490E-8211-09783FEF084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751."
},
{
"lang": "es",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo Javascript arbitrario en la interfaz web lo que alterar\u00eda la funcionalidad planeada llevando potencialmente a la revelaci\u00f3n de las credenciales dentro de una sesi\u00f3n confiable. IBM X-Force ID: 124751."
}
],
"id": "CVE-2017-1276",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-12T19:29:00.290",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99000"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124751"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-03 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B30003D-1BF8-414D-9D6D-9D1B90D4EBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B5AC6B-5DCB-458C-8267-6AF5CC9C3E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0173BE-F9DE-4566-B060-095203FAACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5C2251-FB5D-4775-BDB8-6115732E6615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB05DAD7-F6DB-4441-B9D4-BD0F1BD1DF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89BE9040-CC37-495C-A05B-FC3DFBC02DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B450B35-5169-4B41-B928-0F22DF55A28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E997305-EC48-42C4-9408-EE622818BA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF445BA2-BD53-43FB-BF1E-58510FC4FF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA18DE5C-904D-4FD0-A479-18314B170ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "890ABCC2-F417-4E6E-A0A8-7D485FAE3FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B08EF876-5D00-45DC-A724-D2496854D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Jazz Team Server en Jazz Foundation en IBM Rational Collaborative Lifecycle Management (CLM) 3.x y 4.x en versiones anteriores a 4.0.7 IF8 y 5.x en versiones anteriores a 5.0.2 IF10; Rational Quality Manager (RQM) 2.x y 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF8 y 5.x en versiones anteriores a 5.0.2 IF10; Rational Team Concert (RTC) 2.x y 3.x en versiones anteriores a 3.0.1.6 IF7, 4.x en versiones anteriores a 4.0.7 IF8 y 5.x en versiones anteriores a 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x y 3.x en versiones anteriores a 3.0.1.6 IF7 y 4.0 hasta la versi\u00f3n 4.0.7; Rational DOORS Next Generation (RDNG) 4.x en versiones anteriores a 4.0.7 IF8 y 5.x en versiones anteriores a 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 hasta la versi\u00f3n 1.0.0.1, 4.0.3 hasta la versi\u00f3n 4.0.7 y 5.0 hasta la versi\u00f3n 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 hasta la versi\u00f3n 3.0.1, 4.0 hasta la versi\u00f3n 4.0.7, 5.0 hasta la versi\u00f3n 5.0.2 y 6.0 y Rational Software Architect Design Manager (DM) 3.0 hasta la versi\u00f3n 3.0.1, 4.0 hasta la versi\u00f3n 4.0.7 y 5.0 hasta la versi\u00f3n 5.0.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-1971",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-03T00:59:00.113",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971164"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-04 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | 3.0.1 | |
| ibm | rational_requirements_composer | 3.0.1.1 | |
| ibm | rational_requirements_composer | 3.0.1.2 | |
| ibm | rational_requirements_composer | 3.0.1.3 | |
| ibm | rational_requirements_composer | 3.0.1.4 | |
| ibm | rational_requirements_composer | 3.0.1.5 | |
| ibm | rational_requirements_composer | 3.0.1.6 | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.0.1 | |
| ibm | rational_requirements_composer | 4.0.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_doors_next_generation | 4.0.0 | |
| ibm | rational_doors_next_generation | 4.0.1 | |
| ibm | rational_doors_next_generation | 4.0.2 | |
| ibm | rational_doors_next_generation | 4.0.3 | |
| ibm | rational_doors_next_generation | 4.0.4 | |
| ibm | rational_doors_next_generation | 4.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Rational Requirements Composer 3.x anterior a 3.0.1.6 iFix2 y 4.x anterior a 4.0.6 y Rational DOORS Next Generation 4.x anterior a 4.0.6 permite a usuarios remotos autenticados leer datos arbitrarios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-0844",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-04T22:55:03.303",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90718"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-08 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21991461 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/96074 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21991461 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96074 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
},
{
"lang": "es",
"value": "IBM Rational DOORS Next Generation 5.0 y 6.0 revela informaci\u00f3n sensible en mensajes de respuesta a errores que puede ser usada para otros ataques contra el sistema."
}
],
"id": "CVE-2016-9748",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-08T19:59:00.293",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-18 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22004138 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/100353 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/126246 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22004138 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100353 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/126246 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_doors_next_generation | 6.0.3 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 | |
| ibm | rational_requirements_composer | 5.0.0 | |
| ibm | rational_requirements_composer | 5.0.1 | |
| ibm | rational_requirements_composer | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27404EC5-26B2-490E-8211-09783FEF084C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3547663B-AA43-4866-931F-E4FBB64E7568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93778FE9-8ED2-471D-BEC8-EF7D7E5AFC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F403652E-333E-4828-A3A6-FED1DF447AA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246."
},
{
"lang": "es",
"value": "IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. Esto podr\u00eda desembocar en una revelaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM X-Force ID: 126246."
}
],
"id": "CVE-2017-1338",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-18T15:29:00.277",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004138"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100353"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126246"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-15 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995547 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995547 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.0 | |
| ibm | rational_doors_next_generation | 5.0.1 | |
| ibm | rational_doors_next_generation | 5.0.2 | |
| ibm | rational_doors_next_generation | 6.0.0 | |
| ibm | rational_doors_next_generation | 6.0.1 | |
| ibm | rational_doors_next_generation | 6.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
},
{
"lang": "es",
"value": "Una vulnerabilidad no revelada en IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 podr\u00eda permitir a un usuario JazzGuest ver nombres de proyectos. IBM Referencia #: 1995547."
}
],
"id": "CVE-2016-6060",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-15T19:59:00.283",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-16 19:29
Modified
2024-11-21 02:41
Severity ?
Summary
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21983720 | Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/109693 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21983720 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/109693 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569ED1E-D61E-4F97-825B-2B20A1C03319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E997305-EC48-42C4-9408-EE622818BA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "141B7F93-4A02-4A60-94F1-A6D9A80A4889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5C385D-6C5B-4D5E-8628-6D80E8E54403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2CAB1D-B5AB-42D2-8F35-52C6F64EC0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71816D92-AC01-4F7D-A878-7280175BB422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88D17CA5-2B63-4914-9DBF-5861F69B5238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3B001F-0031-4BED-9A49-B9589EC9E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED8F4-22A6-4945-A21F-0D399BE661F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FA0B68-62BE-45B5-A359-1F922BEA587C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A61935D-D657-4DD8-936D-D9D956F49131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B08EF876-5D00-45DC-A724-D2496854D87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88989B56-B482-4FCA-98D7-9869CD86C15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9D6232-16BC-4985-97BE-9AEA8E30FB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61CE7D3E-BF02-44DA-ADAE-5CB0E22492AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B450B35-5169-4B41-B928-0F22DF55A28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9800CBFC-3169-42CA-BB36-22C34F222FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693."
},
{
"lang": "es",
"value": "Vulnerabilidad de XEE (XML External Entity) en IBM Rational Team Concert 3.0 en versiones anteriores a la 3.0.1.6 iFix7 Interim Fix 1, 4.0 en versiones anteriores a la 4.0.7 iFix10, 5.0 en versiones anteriores a la 5.0.2 iFix15 y 6.0 en versiones anteriores a la 6.0.1 iFix4 permite que usuarios autenticados remotos provoquen una denegaci\u00f3n de servicio (DoS) mediante datos XML manipulados. IBM X-Force ID: 109693."
}
],
"id": "CVE-2016-0219",
"lastModified": "2024-11-21T02:41:17.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-16T19:29:00.963",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-18 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.0.1 | |
| ibm | rational_requirements_composer | 4.0.0.2 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 | |
| ibm | rational_requirements_composer | 4.0.3 | |
| ibm | rational_requirements_composer | 4.0.4 | |
| ibm | rational_requirements_composer | 4.0.5 | |
| ibm | rational_requirements_composer | 4.0.6 | |
| ibm | rational_requirements_composer | 4.0.7 | |
| ibm | rational_doors_next_generation | 4.0.0 | |
| ibm | rational_doors_next_generation | 4.0.1 | |
| ibm | rational_doors_next_generation | 4.0.2 | |
| ibm | rational_doors_next_generation | 4.0.3 | |
| ibm | rational_doors_next_generation | 4.0.4 | |
| ibm | rational_doors_next_generation | 4.0.5 | |
| ibm | rational_doors_next_generation | 4.0.6 | |
| ibm | rational_doors_next_generation | 4.0.7 | |
| ibm | rational_doors_next_generation | 5.0 | |
| ibm | rational_doors_next_generation | 5.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en IBM Rational DOORS Next Generation 4.x anterior a 4.0.7 iFix3 y 5.x anterior a 5.0.2 y Rational Requirements Composer 4.x anterior a 4.0.7 iFix3 permite a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2015-0125",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-03-18T10:59:03.323",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697297"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/73105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73105"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:28
Modified
2025-04-11 00:51
Severity ?
Summary
Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | rational_requirements_composer | * | |
| ibm | rational_requirements_composer | 4.0.0 | |
| ibm | rational_requirements_composer | 4.0.1 | |
| ibm | rational_requirements_composer | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9442F575-4411-4900-90E8-3AA00F9B2329",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n abierta en IBM Rational Requirements Composer anterior a v4.0.4 permite a usuarios autenticados remotamente redireccionar a usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2013-3036",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-09-12T13:28:31.903",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84688"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-18 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21698247 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21698247 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE0A31B-7A9B-40E6-8648-365D018BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E54DB-5CB0-4289-B1A7-EA82494A8FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2944B8-BFD1-4184-8E49-69385DD0C0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC4C2-BF61-47C7-8435-BE71F1AD0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A826A681-A706-4512-B863-1FEABFBCC677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A79E7EF2-5615-4300-BC0D-865DBDC8B46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C59EB6D6-2A74-4988-912C-97045647F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB61F7-B5B4-47E8-8BFD-02F025358781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F93D8CAB-0DF0-4A1D-B1A3-78FF892D04AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7204792C-1506-4E95-92CD-098F760FC429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09FC134C-08AB-4874-B31D-B08CDF4C2DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1649F910-F8B9-4AAD-9743-C37B8784A771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "443530AE-4F33-4453-826A-8D705DFB7C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "364E7E8D-D988-4546-9E61-CD2D1A6F0728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4875C452-2466-45F1-8923-00E5340D74D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B15EF2E-A114-4128-85F1-889EDC3F6C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F07F4E00-F0BA-4821-B5B4-3C0E9D01AAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C80E49B8-8BC4-4150-B86A-A5E474F4E598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6915A8F-05A1-4D39-BF53-0C3F4B155A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E92346D-B1A8-43F8-B2C1-E69A3301560B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F081AEF5-3F0F-4D58-8BBE-EDB9C569CAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "44840CC3-5720-4AF8-B508-67AB5E3E1CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F65519B-90F8-4A17-BA94-FDFDE5BF8CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C7E81B-DA97-4545-9C78-962E5FE9202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D790D42-7B73-40A6-BF0E-630099FB97E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABBECCB-F0B9-4D45-9372-6F313F841FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9641F4-846F-4FB0-BE40-F30972C87D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2CAB1D-B5AB-42D2-8F35-52C6F64EC0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71816D92-AC01-4F7D-A878-7280175BB422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88D17CA5-2B63-4914-9DBF-5861F69B5238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3B001F-0031-4BED-9A49-B9589EC9E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED8F4-22A6-4945-A21F-0D399BE661F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FA0B68-62BE-45B5-A359-1F922BEA587C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors."
},
{
"lang": "es",
"value": "IBM Rational Jazz Team Server (JTS), utilizado en Rational Collaborative Lifecycle Management 3.x y 4.x anterior a 4.0.7 iFix4 y 5.x anterior a 5.0.2 iFix2; Rational Quality Manager 2.x y 3.x anterior a 3.0.1.6 iFix5, 4.x anterior a 4.0.7 iFix4, y 5.x anterior a 5.0.2 iFix2; Rational Team Concert 2.x y 3.x anterior a 3.0.1.6 iFix5, 4.x anterior a 4.0.7 iFix4, y 5.x anterior a 5.0.2 iFix2; Rational DOORS Next Generation 4.x anterior a 4.0.7 iFix4 y 5.x anterior a 5.0.2 iFix2; Rational Requirements Composer 2.x y 3.x anterior a 3.0.1.6 iFix5; y otros productos, permite a usuarios remotos autenticados eliminar los paneles de control de usuarios arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-6129",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-18T10:59:00.073",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698247"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-18 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21698248 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21698248 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10E211DC-D0D7-4527-AE87-231A19D58C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AABE5F-C942-45BB-86A9-C3F2E949D64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A04D314-F6EB-41B9-945A-D8428D86B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3717DCFC-1336-45EC-919C-E1CD1B37DA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC743273-AD4B-4A14-9C0C-23A865A640C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E8B281-4A2E-41E9-8953-9F041030EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF24AEA-D261-485F-A7FF-D5DAF033C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD53B1B-BCD3-4A8D-8FBB-4965FA30D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA509F-C96E-428C-A69A-7D96E1C219B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0229C996-3960-4A7A-BA2E-03819281CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FBFCAE-0324-4C8B-82F4-1EBFA440CB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17099F68-B49C-4433-98B6-7C7FE8846702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D43547B3-1085-48B1-A6D3-32B791EE09FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3894CB-8DF7-4011-B47F-36485A2A6E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDFA1C-9C07-4744-95F9-93A2332E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D8C43B-C109-44E1-868F-7DC1289D9BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFBB5B-8566-45BC-9123-5418821E6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2CC2A-232C-43A6-8C9B-E6125C051BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84EA62-E3F8-4E4C-9FEF-065300C4611A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0232D8EF-1DB3-477D-818C-B79B68406197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8158D2-ECB0-4F89-BE73-568CA213D9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564."
},
{
"lang": "es",
"value": "El analizador sint\u00e1ctico de XML en IBM Rational DOORS Next Generation 4.x anterior a 4.0.7 iFix3 y 5.x anterior a 5.0.2 y Rational Requirements Composer 2.x y 3.x anterior a 3.0.1.6 iFix5 y 4.x anterior a 4.0.7 iFix3 no detecta correctamente la recursi\u00f3n durante la expansi\u00f3n de entidades, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un documento XML que contiene un n\u00famero grande de referencias de entidad anidadas, un problema similar a CVE-2003-1564."
}
],
"id": "CVE-2015-0132",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-18T10:59:05.247",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698248"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-15 22:29
Modified
2024-11-21 02:36
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108296.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/108296 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/108296 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5103D1D-DC6C-40CE-8092-5102E8F10A6E",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "3.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF02561-E60D-4577-B4AB-D2085B3599F1",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1C422A-3D5F-48B1-BC6E-954D1AFA34F9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569ED1E-D61E-4F97-825B-2B20A1C03319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748629D9-94EA-4A8C-84D9-16AD00442C05",
"versionEndIncluding": "3.0.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CDEB94-002E-479A-A055-F3FD38D3AE41",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5C385D-6C5B-4D5E-8628-6D80E8E54403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C054AA-DA70-431C-A410-01671854C0D0",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE640E-7342-44B0-8C02-97EE71ECAD91",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B3D3092-A570-45DE-9CD4-72E01787D189",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA536CF-BF5F-42F1-8F7A-7850E4AC9319",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61CE7D3E-BF02-44DA-ADAE-5CB0E22492AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19611ED3-74F3-4124-A334-09A66A9274A9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D29F101-F08E-42A1-B7F2-1BD982F81221",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9800CBFC-3169-42CA-BB36-22C34F222FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108296."
},
{
"lang": "es",
"value": "Vulnerabilidad Cross-Site Scripting (XSS) en IBM Rational Collaborative Lifecycle Management (CLM) en versiones 3.0.1 anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x anteriores a 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6 y 4.0.7 anteriores a iFix10, 5.0.x anteriores a 5.0.2 iFix1 y 6.0.x anteriores a 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4 permite que los atacantes remotos inyecten scripts web o HTML arbitrarios mediante vectores sin especificar. IBM X-Force ID: 108296."
}
],
"id": "CVE-2015-7453",
"lastModified": "2024-11-21T02:36:49.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-15T22:29:00.307",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108296"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}