Lucene search

K
IbmRational Collaborative Lifecycle Management

144 matches found

CVE
CVE
added 2017/06/13 7:29 p.m.70 views

CVE-2017-1099

IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659.

4.3CVSS4.9AI score0.35506EPSS
CVE
CVE
added 2017/11/27 9:29 p.m.57 views

CVE-2016-6024

IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868.

4.3CVSS5.1AI score0.0013EPSS
CVE
CVE
added 2016/11/24 7:59 p.m.54 views

CVE-2016-0273

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

5.4CVSS5.1AI score0.00168EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.53 views

CVE-2019-4083

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

5.4CVSS5.4AI score0.00277EPSS
CVE
CVE
added 2014/03/02 4:57 a.m.52 views

CVE-2014-0862

Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.5AI score0.17369EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.52 views

CVE-2018-1827

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00208EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.51 views

CVE-2017-1717

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00182EPSS
CVE
CVE
added 2021/07/19 4:15 p.m.51 views

CVE-2021-20507

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS5.3AI score0.00247EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.50 views

CVE-2017-1237

IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.50 views

CVE-2018-1758

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00208EPSS
CVE
CVE
added 2016/01/02 9:59 p.m.49 views

CVE-2015-1928

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; R...

6.8CVSS6.1AI score0.00303EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.49 views

CVE-2017-1312

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00175EPSS
CVE
CVE
added 2017/12/27 4:29 p.m.49 views

CVE-2017-1365

IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

5.4CVSS5.2AI score0.00198EPSS
CVE
CVE
added 2017/12/11 9:29 p.m.49 views

CVE-2017-1507

IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system. IBM X-Force ID: 129619.

4.3CVSS4.1AI score0.0013EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.49 views

CVE-2017-1509

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.

4.3CVSS4.3AI score0.00137EPSS
CVE
CVE
added 2016/01/03 5:59 a.m.48 views

CVE-2015-4962

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Te...

3.5CVSS3.5AI score0.00073EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.48 views

CVE-2019-4084

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384.

4.3CVSS4.7AI score0.00272EPSS
CVE
CVE
added 2020/09/02 7:15 p.m.48 views

CVE-2020-4522

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397.

5.4CVSS5.2AI score0.00236EPSS
CVE
CVE
added 2016/01/03 5:59 a.m.47 views

CVE-2015-4946

Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x...

3.3CVSS3.8AI score0.00054EPSS
CVE
CVE
added 2018/03/15 10:29 p.m.47 views

CVE-2015-7453

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4....

6.1CVSS5.7AI score0.00187EPSS
CVE
CVE
added 2016/11/24 7:59 p.m.47 views

CVE-2016-0284

The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational...

5.5CVSS5.5AI score0.00334EPSS
CVE
CVE
added 2017/06/13 7:29 p.m.47 views

CVE-2016-9973

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120209.

5.4CVSS5.2AI score0.00255EPSS
CVE
CVE
added 2017/11/27 9:29 p.m.47 views

CVE-2017-1240

IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.

4.3CVSS4.2AI score0.00177EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.47 views

CVE-2017-1277

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00182EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.47 views

CVE-2017-1559

Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.

4.3CVSS5.6AI score0.00179EPSS
CVE
CVE
added 2021/10/27 4:15 p.m.47 views

CVE-2021-29713

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.5AI score0.00111EPSS
CVE
CVE
added 2016/11/24 7:59 p.m.46 views

CVE-2016-0372

IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 3.0....

4.3CVSS4.5AI score0.00263EPSS
CVE
CVE
added 2016/11/30 11:59 a.m.46 views

CVE-2016-3014

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, R...

5.4CVSS4.9AI score0.00684EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.46 views

CVE-2016-6061

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00227EPSS
CVE
CVE
added 2017/10/25 12:29 p.m.46 views

CVE-2017-1164

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123036.

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/11/27 9:29 p.m.46 views

CVE-2017-1251

An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 124631.

4.3CVSS4.4AI score0.0013EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.46 views

CVE-2017-1299

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.002EPSS
CVE
CVE
added 2017/11/27 9:29 p.m.46 views

CVE-2017-1570

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852.

4.3CVSS4.1AI score0.00178EPSS
CVE
CVE
added 2018/03/23 7:29 p.m.46 views

CVE-2017-1629

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4CVSS5.2AI score0.00216EPSS
CVE
CVE
added 2018/04/24 2:29 p.m.46 views

CVE-2017-1700

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody...

6.5CVSS6.2AI score0.00269EPSS
CVE
CVE
added 2018/04/24 2:29 p.m.46 views

CVE-2017-1725

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody...

4.3CVSS4.7AI score0.00252EPSS
CVE
CVE
added 2017/03/31 6:59 p.m.45 views

CVE-2016-9707

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784.

8.1CVSS8.1AI score0.00359EPSS
CVE
CVE
added 2017/10/25 12:29 p.m.45 views

CVE-2017-1363

IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126856.

5.4CVSS5.2AI score0.0025EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.45 views

CVE-2017-1592

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00162EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.45 views

CVE-2019-4249

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00208EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.45 views

CVE-2019-4250

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

5.4CVSS5.4AI score0.00208EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.44 views

CVE-2017-1316

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00175EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.44 views

CVE-2017-1488

An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.

5.3CVSS4.9AI score0.00187EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.44 views

CVE-2017-1608

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00175EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.44 views

CVE-2018-1734

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.

4.3CVSS4.7AI score0.00156EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.44 views

CVE-2018-1760

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00208EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.44 views

CVE-2018-1826

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00208EPSS
CVE
CVE
added 2019/03/14 11:0 p.m.44 views

CVE-2018-1952

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...

5.4CVSS5.1AI score0.00229EPSS
CVE
CVE
added 2019/06/27 2:15 p.m.44 views

CVE-2019-4252

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.

7.5CVSS7.2AI score0.00612EPSS
CVE
CVE
added 2020/09/02 7:15 p.m.44 views

CVE-2020-4445

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122.

5.4CVSS5.2AI score0.00236EPSS
Total number of security vulnerabilities144