CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2018/06/17 5:16 a.m.•20 views

Security Bulletin: Multiple security vulnerabilities affect the Report Builder and Data Collection Component that are shipped with Jazz Reporting Service (CVE-2016-5898, CVE-2016-5899, CVE-2016-6054, CVE-2016-6047)

Summary There are multiple security vulnerabilities in the Report Builder and Data Collection Component DCC shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2016-5898 DESCRIPTION: IBM Jazz Reporting Service JRS could allow a remote attacker to obtain sensitive information,...

5.4CVSS1.8AI score0.00227EPSS

IBM Security Bulletins•added 2018/06/17 5:16 a.m.•27 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight (CVE-2016-5898, CVE-2016-5899, CVE-2016-6054)

Summary Jazz Reporting Service is shipped as a component of Rational Insight. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin: Multiple security...

5.4CVSS2AI score0.00227EPSS

IBM Security Bulletins•added 2018/06/17 5:13 a.m.•25 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight (CVE-2016-0350, CVE-2016-0313, CVE-2016-0314, CVE-2016-0315, CVE-2016-2888, CVE-2016-2889)

8.8CVSS2AI score0.0047EPSS

IBM Security Bulletins•added 2018/06/17 5:0 a.m.•19 views

Security Bulletin: Some security vulnerabilities have been identified in Jazz Team Server shipped with Rational Insight (CVE-2014-6131, CVE-2014-6129)

Summary Jazz Team Server is shipped as a component of Rational Insight, in the areas of Data Collection Component and Jazz Reporting Service.. Information about security vulnerabilities affecting Jazz Team Server have been published in a security bulletin. Vulnerability Details Please consult the...

5.5CVSS1.8AI score0.00348EPSS

IBM Security Bulletins•added 2018/06/17 4:57 a.m.•19 views

Security Bulletin: Security vulnerability in Jazz Team Server affects Rational Insight (CVE-2014-3092)

Summary A vulnerability in the Jazz Team Server affects the Rational Insight, in the areas of Data Collection Component and Jazz Reporting Service. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...

5CVSS0.5AI score0.00225EPSS

OSV•added 2016/07/08 1:59 a.m.•2 views

CVE-2016-2889

Cross-site request forgery CSRF vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrar...

8.8CVSS5.9AI score0.00105EPSS

NVD•added 2016/07/08 1:59 a.m.•14 views

CVE-2016-2889

8.8CVSS8.6AI score0.00105EPSS

OSV•added 2016/07/08 1:59 a.m.•2 views

CVE-2016-0315

The Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an unattended workstation...

8.8CVSS5.8AI score

NVD•added 2016/07/08 1:59 a.m.•12 views

CVE-2016-0314

The Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors...

6.5CVSS6AI score0.0015EPSS

OSV•added 2016/07/08 1:59 a.m.•1 views

CVE-2016-0314

6.5CVSS5.8AI score

Prion•added 2016/07/08 1:59 a.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different...

3.5CVSS5AI score0.00213EPSS

Exploits0References1Affected Software1

Prion•added 2016/07/08 1:59 a.m.•21 views

Cross site request forgery (csrf)

6.8CVSS7AI score0.00105EPSS

Exploits0References2Affected Software1

Prion•added 2016/07/08 1:59 a.m.•16 views

Cross site scripting

4.3CVSS5.4AI score0.00213EPSS

Exploits0References1Affected Software1

CVE•added 2016/07/08 1:0 a.m.•53 views

CVE-2016-0313

The CVE-2016-0313 entry concerns IBM Jazz Reporting Service (JRS) Report Builder and Data Collection Component (DCC). The vulnerability is a cross-site scripting (XSS) flaw triggered by a crafted URL, allowing remote authenticated users to execute script or HTML. Affected versions are JRS 5.x pri...

5.4CVSS5AI score0.00168EPSS

Exploits0References1Affected Software1

Cvelist•added 2016/07/08 1:0 a.m.•18 views

CVE-2016-0314

6AI score0.0015EPSS

CNVD•added 2016/07/08 12:0 a.m.•1 views

IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability (CNVD-2016-04651)

IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site scripting vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...

5.4CVSS6.2AI score0.00213EPSS

CNVD•added 2016/07/08 12:0 a.m.•1 views

IBM Jazz Reporting Service (JRS) Clickjacking Vulnerability

IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a security vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this vulnerability to...

6.5CVSS6.8AI score0.0015EPSS

CNVD•added 2016/07/08 12:0 a.m.•1 views

IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability

5.4CVSS6.2AI score0.00168EPSS