7 matches found
EUVD-2014-4734
Malware in sbrugna...
CVE-2018-1608
IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 143798...
Security Bulletin: Vulnerability in Apache Tomcat affects Rational Lifecycle Integration Adapter for HP ALM (CVE-2015-5345, CVE-2016-0706, CVE-2016-0714)
Summary Apache Tomcat could allow a remote attacker to obtain sensitive information or bypass security restrictions and is supplied with specific versions of Rational Lifecycle Integration Adapter for HP ALM. Vulnerability Details CVE Information: CVE-ID: CVE-2015-5345 Description: Apache Tomcat...
Security Bulletin: Vulnerability in IBM Java SDK affects Rational Lifecycle Integration Adapter for HP ALM (CVE-2015-7575)
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6.0.16.2 that is used by Rational Lifecycle Integration Adapter for HP ALM. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details...
Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Lifecycle Integration Adapter for HP ALM (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM® SDK Java™ Technology Edition, Version 6.0.16.2, that is supplied with specific versions of Rational Lifecycle Integration Adapter for HP ALM. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION:The RC4 algorithm, as used in the TLS...
Security Bulletin: Vulnerability in IBM Java SDK affects Rational Lifecycle Integration Adapter for HP ALM (CVE-2015-0138)
Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM® SDK Java™ Technology Edition, Version 6.0.16.2, that is used by Rational Lifecycle Integration Adapter for HP ALM. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A vulnerability ...
Session fixation
Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors...