Lucene search

K
cve[email protected]CVE-2015-0112
HistoryJun 07, 2015 - 6:59 p.m.

CVE-2015-0112

2015-06-0718:59:03
web.nvd.nist.gov
13
cve-2015-0112
jazz team server
ibm rational
clm
xxe issue
security vulnerability
information security

6.3 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

45.3%

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected configurations

NVD
Node
ibmrational_requirements_composerMatch2.0
OR
ibmrational_requirements_composerMatch2.0.0.1
OR
ibmrational_requirements_composerMatch2.0.0.2
OR
ibmrational_requirements_composerMatch2.0.0.3
OR
ibmrational_requirements_composerMatch2.0.0.4
OR
ibmrational_requirements_composerMatch3.0
OR
ibmrational_requirements_composerMatch3.0.1
OR
ibmrational_requirements_composerMatch3.0.1.1
OR
ibmrational_requirements_composerMatch3.0.1.2
OR
ibmrational_requirements_composerMatch3.0.1.3
OR
ibmrational_requirements_composerMatch3.0.1.4
OR
ibmrational_requirements_composerMatch3.0.1.5
OR
ibmrational_requirements_composerMatch3.0.1.6
OR
ibmrational_requirements_composerMatch3.5
OR
ibmrational_requirements_composerMatch4.0
OR
ibmrational_requirements_composerMatch4.0.0
OR
ibmrational_requirements_composerMatch4.0.0.1
OR
ibmrational_requirements_composerMatch4.0.0.2
OR
ibmrational_requirements_composerMatch4.0.1
OR
ibmrational_requirements_composerMatch4.0.2
OR
ibmrational_requirements_composerMatch4.0.3
OR
ibmrational_requirements_composerMatch4.0.4
OR
ibmrational_requirements_composerMatch4.0.5
OR
ibmrational_requirements_composerMatch4.0.6
OR
ibmrational_requirements_composerMatch4.0.7
Node
ibmrhapsody_design_managerMatch3.0.0
OR
ibmrhapsody_design_managerMatch3.0.0.1
OR
ibmrhapsody_design_managerMatch3.0.1
OR
ibmrhapsody_design_managerMatch4.0.0
OR
ibmrhapsody_design_managerMatch4.0.1
OR
ibmrhapsody_design_managerMatch4.0.2
OR
ibmrhapsody_design_managerMatch4.0.3
OR
ibmrhapsody_design_managerMatch4.0.4
OR
ibmrhapsody_design_managerMatch4.0.5
OR
ibmrhapsody_design_managerMatch4.0.6
OR
ibmrhapsody_design_managerMatch4.0.7
OR
ibmrhapsody_design_managerMatch5.0
OR
ibmrhapsody_design_managerMatch5.0.2
Node
ibmrational_requirements_composerMatch2.0
OR
ibmrational_requirements_composerMatch2.0.0.1
OR
ibmrational_requirements_composerMatch2.0.0.2
OR
ibmrational_requirements_composerMatch2.0.0.3
OR
ibmrational_requirements_composerMatch2.0.0.4
OR
ibmrational_requirements_composerMatch3.0
OR
ibmrational_requirements_composerMatch3.0.1
OR
ibmrational_requirements_composerMatch3.0.1.1
OR
ibmrational_requirements_composerMatch3.0.1.2
OR
ibmrational_requirements_composerMatch3.0.1.3
OR
ibmrational_requirements_composerMatch3.0.1.4
OR
ibmrational_requirements_composerMatch3.0.1.5
OR
ibmrational_requirements_composerMatch3.0.1.6
OR
ibmrational_requirements_composerMatch3.5
OR
ibmrational_requirements_composerMatch4.0
OR
ibmrational_requirements_composerMatch4.0.0
OR
ibmrational_requirements_composerMatch4.0.0.1
OR
ibmrational_requirements_composerMatch4.0.0.2
OR
ibmrational_requirements_composerMatch4.0.1
OR
ibmrational_requirements_composerMatch4.0.2
OR
ibmrational_requirements_composerMatch4.0.3
OR
ibmrational_requirements_composerMatch4.0.4
OR
ibmrational_requirements_composerMatch4.0.5
OR
ibmrational_requirements_composerMatch4.0.6
OR
ibmrational_requirements_composerMatch4.0.7
Node
ibmrational_team_concertMatch2.0
OR
ibmrational_team_concertMatch2.0.0.1
OR
ibmrational_team_concertMatch2.0.0.2
OR
ibmrational_team_concertMatch3.0
OR
ibmrational_team_concertMatch3.0.1
OR
ibmrational_team_concertMatch3.0.1.1
OR
ibmrational_team_concertMatch3.0.1.2
OR
ibmrational_team_concertMatch3.0.1.3
OR
ibmrational_team_concertMatch3.0.1.4
OR
ibmrational_team_concertMatch3.0.1.5
OR
ibmrational_team_concertMatch3.0.1.6
OR
ibmrational_team_concertMatch4.0
OR
ibmrational_team_concertMatch4.0.0.1
OR
ibmrational_team_concertMatch4.0.0.2
OR
ibmrational_team_concertMatch4.0.1
OR
ibmrational_team_concertMatch4.0.2
OR
ibmrational_team_concertMatch4.0.3
OR
ibmrational_team_concertMatch4.0.4
OR
ibmrational_team_concertMatch4.0.5
OR
ibmrational_team_concertMatch4.0.6
OR
ibmrational_team_concertMatch4.0.7
OR
ibmrational_team_concertMatch5.0.0
OR
ibmrational_team_concertMatch5.0.1
OR
ibmrational_team_concertMatch5.0.2
Node
ibmrational_quality_managerMatch2.0
OR
ibmrational_quality_managerMatch2.0.0.1
OR
ibmrational_quality_managerMatch2.0.0.2
OR
ibmrational_quality_managerMatch2.0.1
OR
ibmrational_quality_managerMatch3.0
OR
ibmrational_quality_managerMatch3.0.1
OR
ibmrational_quality_managerMatch3.0.1.1
OR
ibmrational_quality_managerMatch3.0.1.2
OR
ibmrational_quality_managerMatch3.0.1.3
OR
ibmrational_quality_managerMatch3.0.1.4
OR
ibmrational_quality_managerMatch3.0.1.5
OR
ibmrational_quality_managerMatch3.0.1.6
OR
ibmrational_quality_managerMatch4.0
OR
ibmrational_quality_managerMatch4.0.0.1
OR
ibmrational_quality_managerMatch4.0.0.2
OR
ibmrational_quality_managerMatch4.0.1
OR
ibmrational_quality_managerMatch4.0.2
OR
ibmrational_quality_managerMatch4.0.3
OR
ibmrational_quality_managerMatch4.0.4
OR
ibmrational_quality_managerMatch4.0.5
OR
ibmrational_quality_managerMatch4.0.7
OR
ibmrational_quality_managerMatch5.0.0
OR
ibmrational_quality_managerMatch5.0.2
Node
ibmrational_software_architect_design_managerMatch3.0.0
OR
ibmrational_software_architect_design_managerMatch3.0.0.1
OR
ibmrational_software_architect_design_managerMatch3.0.1
OR
ibmrational_software_architect_design_managerMatch4.0.0
OR
ibmrational_software_architect_design_managerMatch4.0.1
OR
ibmrational_software_architect_design_managerMatch4.0.2
OR
ibmrational_software_architect_design_managerMatch4.0.3
OR
ibmrational_software_architect_design_managerMatch4.0.4
OR
ibmrational_software_architect_design_managerMatch4.0.5
OR
ibmrational_software_architect_design_managerMatch4.0.6
OR
ibmrational_software_architect_design_managerMatch4.0.7
OR
ibmrational_software_architect_design_managerMatch5.0.1
OR
ibmrational_software_architect_design_managerMatch5.0.2
Node
ibmrational_collaborative_lifecycle_managementMatch3.0.1
OR
ibmrational_collaborative_lifecycle_managementMatch3.0.1.1
OR
ibmrational_collaborative_lifecycle_managementMatch3.0.1.2
OR
ibmrational_collaborative_lifecycle_managementMatch3.0.1.3
OR
ibmrational_collaborative_lifecycle_managementMatch3.0.1.4
OR
ibmrational_collaborative_lifecycle_managementMatch3.0.1.5
OR
ibmrational_collaborative_lifecycle_managementMatch3.0.1.6
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.0
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.1
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.2
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.3
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.4
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.5
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.6
OR
ibmrational_collaborative_lifecycle_managementMatch4.0.7
OR
ibmrational_collaborative_lifecycle_managementMatch5.0.0
OR
ibmrational_collaborative_lifecycle_managementMatch5.0.1
OR
ibmrational_collaborative_lifecycle_managementMatch5.0.2
Node
ibmrational_doors_next_generationMatch4.0.0
OR
ibmrational_doors_next_generationMatch4.0.1
OR
ibmrational_doors_next_generationMatch4.0.2
OR
ibmrational_doors_next_generationMatch4.0.3
OR
ibmrational_doors_next_generationMatch4.0.4
OR
ibmrational_doors_next_generationMatch4.0.5
OR
ibmrational_doors_next_generationMatch4.0.6
OR
ibmrational_doors_next_generationMatch4.0.7
OR
ibmrational_doors_next_generationMatch5.0.1
OR
ibmrational_doors_next_generationMatch5.0.2
Node
ibmrational_engineering_lifecycle_managerMatch1.0
OR
ibmrational_engineering_lifecycle_managerMatch1.0.0.1
OR
ibmrational_engineering_lifecycle_managerMatch4.0.3
OR
ibmrational_engineering_lifecycle_managerMatch4.0.4
OR
ibmrational_engineering_lifecycle_managerMatch4.0.5
OR
ibmrational_engineering_lifecycle_managerMatch4.0.6
OR
ibmrational_engineering_lifecycle_managerMatch4.0.7
OR
ibmrational_engineering_lifecycle_managerMatch5.0.1
OR
ibmrational_engineering_lifecycle_managerMatch5.0.2

6.3 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

45.3%

Related for CVE-2015-0112