2 matches found
Security Bulletin: Multiple Security vulnerabilities affect Rational Engineering Lifecycle Manager
Summary Rational Engineering Lifecycle Manager is vulnerable to multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2018-1588 DESCRIPTION: IBM Jazz Foundation is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this...
CVE-2018-1659
IBM Rational Engineering Lifecycle Manager is affected by a cross-site scripting vulnerability affecting version ranges 5.0–5.0.2 and 6.0–6.0.6. The flaw enables arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. The IBM bulletin (CVE-2018-...