Lucene search
K

181 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.19 views

Security Bulletin: Vulnerability in Rational Team Concert with potential for Cross-Site Scripting attack (CVE-2016-0331)

Summary IBM Team Concert RTC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. Vulnerability Details CVEID: CVE-2016-0331 DESCRIPTION: IBM Team Concert RTC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

5.4CVSS0.4AI score0.00802EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.21 views

Security Bulletin: Clickjack vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-1928)

Summary A vulnerability in the IBM Jazz Foundation affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC...

6.8CVSS0.8AI score0.01202EPSS
Exploits0Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.24 views

Security Bulletin: Cross-site scripting vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-8968)

Summary Cross-site scripting vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQ...

5.4CVSS1.3AI score0.00935EPSS
Exploits0Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.29 views

Security Bulletin: OpenSSL vulnerabilities affect IBM Rational Team Concert

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a...

6.5CVSS0.8AI score0.83645EPSS
Exploits2Affected Software2
CNVD
CNVD
added 2019/06/28 12:0 a.m.5 views

IBM Rational Collaborative Lifecycle Management Cross-Site Scripting Vulnerability (CNVD-2019-20847)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.3AI score0.00673EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/28 12:0 a.m.2 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20855)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.4AI score0.00597EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/28 12:0 a.m.3 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20856)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.4AI score0.00597EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/28 12:0 a.m.4 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20859)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.3AI score0.00597EPSS
Exploits0References1
NVD
NVD
added 2019/06/27 2:15 p.m.22 views

CVE-2018-1826

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.20 views

CVE-2018-1892

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References2
OSV
OSV
added 2019/06/27 2:15 p.m.5 views

CVE-2018-1760

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.4AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.18 views

CVE-2019-4252

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 159883...

7.5CVSS6.5AI score0.03366EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.23 views

CVE-2019-4084

IBM Jazz Foundation products IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384...

4.3CVSS4.1AI score0.01003EPSS
Exploits0References2
OSV
OSV
added 2019/06/27 2:15 p.m.3 views

CVE-2018-1826

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.4AI score
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.23 views

CVE-2018-1828

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.21 views

CVE-2019-4249

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00673EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.21 views

CVE-2018-1734

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838...

4.3CVSS4.2AI score0.00876EPSS
Exploits0References2
Prion
Prion
added 2019/06/27 2:15 p.m.18 views

Cross site scripting

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

3.5CVSS5.1AI score0.00673EPSS
Exploits0References2Affected Software7
Prion
Prion
added 2019/06/27 2:15 p.m.19 views

Design/Logic Flaw

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 159883...

5CVSS7.2AI score0.03366EPSS
Exploits0References2Affected Software7
Prion
Prion
added 2019/06/27 2:15 p.m.17 views

Cross site scripting

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

3.5CVSS5.1AI score0.00597EPSS
Exploits0References2Affected Software8
Rows per page
Query Builder