Lucene search
K

146 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 3:49 p.m.34 views

Security Bulletin: IBM Java Quarterly CPU - July 2014 affecting Rational Software Architect for Websphere Software (CVE-2014-0411)

Summary Timing differences based on validity of TLS messages can be exploited to decrypt the entire session. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires login with your IBM ID...

4CVSS0.1AI score0.02414EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 3:49 p.m.33 views

Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Software Architect for WebSphere Software (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Rational Software Architect for WebSphere Software. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An...

5CVSS0.5AI score0.74006EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 3:49 p.m.39 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects Rational Software Architect, Software Architect for WebSphere Software & Rational Software Architect RealTime (CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931, CVE-2015-4872)

Summary There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 7 and 8 that is used by IBM Rational Software Architect, IBM Rational Software Architect for WebSphere Software and IBM Rational Software Architect RealTime. These issues were disclosed as part of the IBM...

5.5CVSS0.6AI score0.0381EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 3:43 p.m.33 views

Security Bulletin: Multiple vulnerabilities affecting the Cordova platform and IBM SDK Node.js packaged with Rational Software Architect and Rational Software Architect for WebSphere Software

Summary Multiple vulnerabilities have been discovered that affect the Cordova platform and IBM SDK Node.js packaged with Rational Software Architect and Rational Software Architect for WebSphere software CVE-2014-3500, CVE-2014-3501, CVE-2014-3502, CVE-2014-5256, CVE-2014-7191, CVE-2014-7192,...

10CVSS0.7AI score0.37072EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 3:43 p.m.24 views

Security Bulletin: A Security Vulnerability exists in the Dojo runtime that affects Rational Software Architect and Rational Software Architect for Websphere Software

Summary The dojox/form/resources/fileuploader.swf, dojox/form/resources/uploader.swf, dojox/av/resources/audio.swf, and dojox/av/resources/video.swf files exhibit an cross-site scripting XSS vulnerability. Any web application using the IBM Dojo Toolkit and providing those files might be subject t...

4.3CVSS0.7AI score0.0206EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/10 3:43 p.m.43 views

Security Bulletin: Vulnerabilities in OpenSSL affects Rational Software Architect for Websphere Software

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by the Cordova platform packaged with Rational Software Architect for Websphere Software and has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenSSL ...

7.5CVSS1AI score0.44503EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/30 7:26 p.m.37 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Jan 2020...

7.2CVSS1.3AI score0.03823EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/21 9:55 a.m.37 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019...

6.8CVSS1.1AI score0.03749EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2018/07/20 12:0 a.m.4 views

IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager Cross-Site Scripting Vulnerabilities (CNVD-2018-23901)

IBM Rational Rhapsody Design Manager is collaborative design management software built on the IBM Jazz platform that helps design team members and stakeholders share, track, review, and manage designs.IBM Rational Software Architect Design Manager is a IBM Rational Software Architect Design Manag...

5.4CVSS5.4AI score0.00666EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/19 5:28 p.m.30 views

Security Bulletin: Rational Software Architect Design Manager is vulnerable to cross-site scripting (CVE-2018-1400)

Summary RSA DM allowed injection of arbitrary JavaScript code into configuration names, which could later get executed during some configuration management operations. Vulnerability Details CVEID: CVE-2018-1400 DESCRIPTION: IBM Rhapsody DM is vulnerable to cross-site scripting. This vulnerability...

1.3AI score
Exploits0Affected Software1
OSV
OSV
added 2018/07/19 2:29 p.m.2 views

CVE-2018-1585

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

5.4CVSS5.4AI score0.00666EPSS
Exploits0References2
OSV
OSV
added 2018/07/19 2:29 p.m.4 views

CVE-2018-1536

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

5.4CVSS5.4AI score0.00666EPSS
Exploits0References2
Prion
Prion
added 2018/07/19 2:29 p.m.19 views

Cross site scripting

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

3.5CVSS5.1AI score0.00666EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2018/07/19 2:29 p.m.2 views

CVE-2018-1587

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error messages to allow an adversary to gain information about the application and database that could be...

4.3CVSS5.8AI score0.00984EPSS
Exploits0References2
OSV
OSV
added 2018/07/19 2:29 p.m.1 views

CVE-2018-1535

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

5.4CVSS5.4AI score0.00666EPSS
Exploits0References2
Prion
Prion
added 2018/07/19 2:29 p.m.18 views

Cross site scripting

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

3.5CVSS5.1AI score0.00666EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2018/07/19 2:0 p.m.47 views

CVE-2018-1535

CVE-2018-1535 affects IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager. Vulnerability: cross-site scripting in the Web UI that can allow embedding arbitrary JavaScript, potentially altering functionality and leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00666EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:28 a.m.34 views

Security Bulletin: IBM Rational Software Architect Design Manager does not handle incoming requests containing XML in a safe manner (CVE-2018-1456, CVE-2018-1587)

Summary Usage of XML external entities in RSA DM linktype definitions comprises a security risk including disclosure of local files. An error message displayed when parsing incorrect XML can disclose unnecessary technical details that can be potentially used to construct new attacks. Vulnerabilit...

7.1CVSS0.8AI score0.02023EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:27 a.m.23 views

Security Bulletin: IBM Rational Software Architect Design Manager is vulnerable to cross-site scripting (XSS) attack (CVE-2017-1462)

Summary Document web editor in RSA DM could be vulnerable to cross-site scripting attack if document content was tampered. Vulnerability Details CVEID: CVE-2017-1462 DESCRIPTION: IBM Rhapsody DM is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...

5.4CVSS0.9AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:22 a.m.32 views

Security Bulletin: Multiple vulnerabilities in certain services of IBM Rational Software Architect Design Manager

Summary A number of services in Rational Software Architect Design Manager were not sanitizing user input properly thus potentially allowing cross-site scripting, json hijacking, and HTML injection attacks. Vulnerability Details CVEID: CVE-2015-7485 DESCRIPTION: IBM Jazz technology based products...

5.4CVSS1AI score0.0072EPSS
Exploits0Affected Software1
Rows per page
Query Builder