2 matches found
Security Bulletin: Multiple Security vulnerabilities affect Rational Engineering Lifecycle Manager
Summary Rational Engineering Lifecycle Manager is vulnerable to multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2018-1588 DESCRIPTION: IBM Jazz Foundation is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this...
CVE-2018-1539
CVE-2018-1539 affects IBM Rational Engineering Lifecycle Manager versions 5.0–5.02 and 6.0–6.0.6. The issue allows remote attackers to bypass authentication via a direct request or forced browsing to a URL outside the intended page. Public details in connected IBM advisories describe this as an a...