2 matches found
Security Bulletin: Multiple Security vulnerabilities affect Rational Engineering Lifecycle Manager
Summary Rational Engineering Lifecycle Manager is vulnerable to multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2018-1588 DESCRIPTION: IBM Jazz Foundation is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this...
CVE-2018-1560
IBM Rational Engineering Lifecycle Manager is affected by CVE-2018-1560: a cross-site scripting vulnerability in the Web UI that can lead to credentials disclosure within a trusted session. Affected versions are 5.0–5.02 and 6.0–6.0.6. Remediation per IBM bulletin: upgrade to 6.0.6 IFIX02 or late...