Lucene search
K

185 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.20 views

Security Bulletin: Clickjack vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-1928)

Summary A vulnerability in the IBM Jazz Foundation affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC...

6.8CVSS0.8AI score0.01202EPSS
Exploits0Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.43 views

Security Bulletin: OpenSSL vulnerability affects IBM Rational Team Concert

Summary OpenSSL vulnerability was disclosed by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading...

5.9CVSS0.2AI score0.17139EPSS
Exploits4Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.18 views

Security Bulletin: Cross-site scripting vulnerability in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology

Summary Potential cross-site scripting vulnerability in the IBM Jazz Team Server affects the following IBM Rational Products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manag...

5.4CVSS1.1AI score0.01335EPSS
Exploits0Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.12 views

Security Bulletin: Cross-site request forgery vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2017-1194)

Summary Cross-site request forgery vulenerability in WebSphere Application Server and WebSphere Application Server Liberty bundled with IBM Jazz Team Server based Applications affects multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational...

8.8CVSS0.8AI score0.00877EPSS
Exploits0Affected Software7
CNVD
CNVD
added 2019/06/28 12:0 a.m.2 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20855)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.4AI score0.00597EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/28 12:0 a.m.3 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20856)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.4AI score0.00597EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/28 12:0 a.m.3 views

IBM Rational Collaborative Lifecycle Management Cross-Site Scripting Vulnerability (CNVD-2019-20847)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.3AI score0.00673EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/28 12:0 a.m.3 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20859)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

5.4CVSS6.3AI score0.00597EPSS
Exploits0References1
NVD
NVD
added 2019/06/27 2:15 p.m.22 views

CVE-2018-1826

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.23 views

CVE-2019-4084

IBM Jazz Foundation products IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384...

4.3CVSS4.1AI score0.01003EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.20 views

CVE-2019-4249

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00673EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.17 views

CVE-2019-4252

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 159883...

7.5CVSS6.5AI score0.03366EPSS
Exploits0References2
OSV
OSV
added 2019/06/27 2:15 p.m.2 views

CVE-2018-1826

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.4AI score
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.23 views

CVE-2018-1828

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.20 views

CVE-2018-1892

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References2
OSV
OSV
added 2019/06/27 2:15 p.m.5 views

CVE-2018-1760

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.4AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2019/06/27 2:15 p.m.21 views

CVE-2018-1734

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838...

4.3CVSS4.2AI score0.00876EPSS
Exploits0References2
Prion
Prion
added 2019/06/27 2:15 p.m.19 views

Cross site scripting

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

3.5CVSS5.1AI score0.00597EPSS
Exploits0References2Affected Software8
Prion
Prion
added 2019/06/27 2:15 p.m.19 views

Design/Logic Flaw

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 159883...

5CVSS7.2AI score0.03366EPSS
Exploits0References2Affected Software7
Prion
Prion
added 2019/06/27 2:15 p.m.17 views

Cross site scripting

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

3.5CVSS5.1AI score0.00597EPSS
Exploits0References2Affected Software8
Rows per page
Query Builder