7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.011 Low
EPSS
Percentile
82.4%
IBM Rational DOORS Next Generation® is affected by multiple vulnerabilities in the Oracle Outside In Technology® that is used as a component.
CVEID: CVE-2018-2768 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141924> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)
CVEID: CVE-2018-2801 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Image Export SDK component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141957> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)
CVEID: CVE-2018-2806 DESCRIPTION: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141962> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)
Rational DOORS Next Generation 6.0.5
Previous versions are not affected
For Rational DOORS Next Generation 6.0.5, a fix is available by upgrading to 6.0.5 iFix006 or later
Rational DOORS Next Generation 6.0.5 iFix006
For any prior versions of the products listed above, IBM reccomends upgrading to a fixed, supported version/release/platform of the product.
If the iFix is not found in the iFix Portal please contact IBM support.
CPE | Name | Operator | Version |
---|---|---|---|
ibm engineering lifecycle management base | eq | any | |
ibm engineering requirements management doors next | eq | 6.0.5 |
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.011 Low
EPSS
Percentile
82.4%