Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM279E6A718E999E66DD8549F492032BB8710AAE5C98F04207D547D330FB5D6B37
HistoryApr 28, 2021 - 6:35 p.m.

Security Bulletin: Vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-1971)

2021-04-2818:35:50
www.ibm.com
11
ibm jazz technology
vulnerability
dos attack
clm
rrc
rdng
rtc
rqm
rhapsody dm
rsa dm

EPSS

0.002

Percentile

55.7%

JSON

Summary

An undisclosed vulnerability affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management (CLM), Rational Requirements Composer (RRC), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM).

Vulnerability Details

CVEID: CVE-2015-1971**
DESCRIPTION:** An undisclosed vulnerability in products using the Jazz Team Server might allow a Denial of Service attack.
CVSS Base Score: 3.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/103623&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Rational Collaborative Lifecycle Management 3.0.1 - 5.0.2

Rational Quality Manager 2.0 - 2.0.1
Rational Quality Manager 3.0 - 3.0.1.6
Rational Quality Manager 4.0 - 4.0.7
Rational Quality Manager 5.0 - 5.0.2

Rational Team Concert 2.0 - 2.0.0.2
Rational Team Concert 3.0 - 3.0.6
Rational Team Concert 4.0 - 4.0.7
Rational Team Concert 5.0 - 5.0.2

Rational Requirements Composer 2.0 - 2.0.0.4
Rational Requirements Composer 3.0 - 3.0.1.6
Rational Requirements Composer 4.0 - 4.0.7

Rational DOORS Next Generation 4.0 - 4.0.7
Rational DOORS Next Generation 5.0 - 5.0.2

Rational Engineering Lifecycle Manager 1.0- 1.0.0.1
Rational Engineering Lifecycle Manager 4.0.3 - 4.0.7
Rational Engineering Lifecycle Manager 5.0 - 5.0.2

Rational Rhapsody Design Manager 3.0 - 3.0.1
Rational Rhapsody Design Manager 4.0 - 4.0.7
Rational Rhapsody Design Manager 5.0 - 5.0.2
Rational Rhapsody Design Manager 6.0

Rational Software Architect Design Manager 3.0 - 3.0.1
Rational Software Architect Design Manager 4.0 - 4.0.7
Rational Software Architect Design Manager 5.0 - 5.0.2

Remediation/Fixes

Upgrade to version 6.0 or later

For the 5.x releases, upgrade to version 5.0.2 iFix10 or later

Workarounds and Mitigations

None

Related

prion 1
cve 1
cvelist 1
nvd 1
prion
prion
Design/Logic Flaw
2016-01-03 00:59:00
cve
cve
CVE-2015-1971
2016-01-03 00:59:00
cvelist
cvelist
CVE-2015-1971
2016-01-03 00:00:00
nvd
nvd
CVE-2015-1971
2016-01-03 00:59:00

EPSS

0.002

Percentile

55.7%

JSON
Related for 279E6A718E999E66DD8549F492032BB8710AAE5C98F04207D547D330FB5D6B37
prion1cve1cvelist1nvd1