Lucene search

[email protected]CVE-2016-9697

HistoryMar 20, 2017 - 4:59 p.m.

CVE-2016-9697

2017-03-2016:59:00

CWE-200

[email protected]

web.nvd.nist.gov

ibm rhapsody

4.0

5.0

6.0

json hijacking

vulnerability

ibm reference

nvd

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

5.9 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

18.1%

JSON

An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed between the server and the browser. IBM Reference #: 1999960.

VendorProductVersionCPE
ibmrational_rhapsody_design_manager4.0.2cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager3.0cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager3.0.0.1cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager4.0cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager4.0.1cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager4.0.3cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager4.0.4cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager4.0.5cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager4.0.6cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*
ibmrational_rhapsody_design_manager5.0cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_rhapsody_design_manager	4.0.2	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:::::::*
ibm	rational_rhapsody_design_manager	3.0	cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:::::::*
ibm	rational_rhapsody_design_manager	3.0.0.1	cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:::::::*
ibm	rational_rhapsody_design_manager	4.0	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:::::::*
ibm	rational_rhapsody_design_manager	4.0.1	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:::::::*
ibm	rational_rhapsody_design_manager	4.0.3	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:::::::*
ibm	rational_rhapsody_design_manager	4.0.4	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:::::::*
ibm	rational_rhapsody_design_manager	4.0.5	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:::::::*
ibm	rational_rhapsody_design_manager	4.0.6	cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:::::::*
ibm	rational_rhapsody_design_manager	5.0	cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:::::::*

Rows per page:

1-10 of 181

References

www.ibm.com/support/docview.wss?uid=swg21999960

www.securityfocus.com/bid/96828

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

5.9 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

18.1%

JSON

Related for CVE-2016-9697

prion1 ibm2