Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...

Security Bulletin: Cross-site scripting vulnerability in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology

Summary Potential cross-site scripting vulnerability in the IBM Jazz Team Server affects the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manag...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology

Summary Multiple vulnerabilities in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affect the following products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC,...

Security Bulletin: Security vulnerabilities affect IBM® Rational® Team Concert

Summary IBM Team Concert RTC is vulnerable to multiple cross-site scripting vulnerabilities. Vulnerability Details CVEID: CVE-2018-1408 DESCRIPTION: IBM Team Concert RTC is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

Security Bulletin: OpenSSL vulnerability affects IBM Rational Team Concert

Summary OpenSSL vulnerability was disclosed by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote...

Security Bulletin: Vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-2947)

Summary An undisclosed information disclosure vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational...

Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...

Security Bulletin: Vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2017-1380)

Summary Cross-site scripting vulnerability in WebSphere Application Server bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concer...

Security Bulletin: Vulnerability in Rational Team Concert with potential for Cross-Site Scripting attack (CVE-2016-0331)

Summary IBM Team Concert RTC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. Vulnerability Details CVEID: CVE-2016-0331 DESCRIPTION: IBM Team Concert RTC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

Security Bulletin: Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2014-0227)

Summary The Jazz Team Server is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC,...

Security Bulletin: Information disclosure vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-9735)

Summary Information disclosure vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager...

Security Bulletin: A security vulnerability for cross-site scripting affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-2986)

Summary This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle...

Security Bulletin: Cross-site request forgery vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2017-1194)

Summary Cross-site request forgery vulenerability in WebSphere Application Server and WebSphere Application Server Liberty bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational...

Security Bulletin: Multiple vulnerabilities in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology

Summary There are multiple vulnerabilities in the IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQM,...

Security Bulletin: Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2016-3092)

Summary The Jazz Team Server is shipped with or supports versions of the Apache Tomcat web server which contain security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational Requirements...

File Upload Vulnerability in e-office Panmicro Collaboration Office System

e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management, and asset management functions. A file upload vulnerabili...

Unauthorized Access Vulnerability in OA System of Beijing Zhiyuan Internet Software Co.

Founded in 2002, Beijing Zhiyuan Internet Software Co., Ltd. is a high-tech enterprise always focusing on the field of collaborative management software, providing customers with professional collaborative management software products, solutions, platforms and cloud services. An unauthorized acce...

Information Leakage Vulnerability in Collaborative Business System of Shanghai Panmicro Network Technology Co.

Collaborative Business System is a complete platform for enterprise collaboration. An information leakage vulnerability exists in the Collaborative Business System of Shanghai Panmicro Network Technology Co., Ltd. that can be exploited by an attacker to anonymously obtain a user's login password...

File Containment Vulnerability in Panavision e-message Management Interface

Ltd. was founded in 2001, headquartered in Shanghai, focusing on the field of collaborative management software, and is committed to collaborative OA as the core to help enterprises build a unified mobile office platform. A file inclusion vulnerability exists in the Panmicro e-message management...

JC6 Collaborative OA Platform has SQL Injection Vulnerability

JC6 collaborative OA platform is a J2EE framework-based collaborative office platform developed by Beijing Jinhe Software Co. There is a SQL injection vulnerability in JC6 Collaborative OA Platform. Attackers can use the vulnerability to obtain sensitive database information...