Rational Collaborative Lifecycle Management Security Vulnerabilities and Issues — Page 3 of Rational Collaborative Lifecycle Management CVE List

Lucene search

IbmRational Collaborative Lifecycle Management

144 matches found

CVE•added 2015/04/27 11:59 a.m.•38 views

CVE-2015-0113

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generatio...

5CVSS6.7AI score0.00225EPSS

CVE•added 2017/10/25 12:29 p.m.•38 views

CVE-2017-1295

IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157.

4.3CVSS4.6AI score0.00177EPSS

CVE•added 2018/07/03 7:29 p.m.•38 views

CVE-2017-1651

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2018/07/03 7:29 p.m.•38 views

CVE-2017-1691

5.4CVSS5.4AI score0.00182EPSS

CVE•added 2018/11/06 4:29 p.m.•38 views

CVE-2018-1606

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Man...

4.3CVSS4.3AI score0.00184EPSS

CVE•added 2016/01/03 12:59 a.m.•37 views

CVE-2015-1971

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational ...

4.3CVSS4.5AI score0.00249EPSS

CVE•added 2016/10/22 3:59 a.m.•37 views

CVE-2016-0326

IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS commands via a crafted "HTML request."

8.8CVSS8.5AI score0.00894EPSS

CVE•added 2016/11/24 7:59 p.m.•37 views

CVE-2016-2864

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

5.4CVSS5.1AI score0.00168EPSS

CVE•added 2017/10/25 12:29 p.m.•37 views

CVE-2017-1241

An unspecified vulnerability in IBM Jazz Foundation based applications might allow the display of stack trace information to an attacker. IBM X-Force ID: 124523.

4.3CVSS4.5AI score0.00177EPSS

CVE•added 2018/07/06 2:29 p.m.•37 views

CVE-2017-1329

IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231.

5.4CVSS5.7AI score0.00129EPSS

CVE•added 2018/07/03 7:29 p.m.•37 views

CVE-2017-1561

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2018/07/03 7:29 p.m.•37 views

CVE-2017-1564

5.4CVSS5.2AI score0.00175EPSS

CVE•added 2018/07/03 7:29 p.m.•37 views

CVE-2017-1715

5.4CVSS5.4AI score0.00182EPSS

CVE•added 2021/07/28 1:15 p.m.•37 views

CVE-2020-4974

IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.

6.5CVSS6.3AI score0.00168EPSS

CVE•added 2021/07/28 1:15 p.m.•37 views

CVE-2020-5004

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192957.

5.4CVSS5.3AI score0.00346EPSS

CVE•added 2018/07/06 2:29 p.m.•36 views

CVE-2017-1238

IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

5.4CVSS5.3AI score0.00158EPSS

CVE•added 2018/07/03 7:29 p.m.•36 views

CVE-2017-1275

5.4CVSS5.4AI score0.00182EPSS

CVE•added 2018/07/03 7:29 p.m.•36 views

CVE-2017-1314

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2018/04/23 1:29 p.m.•36 views

CVE-2017-1701

IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.

8.8CVSS8.2AI score0.00074EPSS

CVE•added 2018/03/23 7:29 p.m.•36 views

CVE-2017-1762

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4CVSS5.2AI score0.00216EPSS

CVE•added 2015/03/18 10:59 a.m.•35 views

CVE-2014-6131

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x bef...

4CVSS6.2AI score0.00158EPSS

CVE•added 2015/07/20 1:59 a.m.•35 views

CVE-2015-0130

Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x befor...

3.5CVSS5.2AI score0.00166EPSS

CVE•added 2018/03/20 9:29 p.m.•35 views

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Ration...

3.3CVSS3.5AI score0.00018EPSS

CVE•added 2016/07/15 6:59 p.m.•35 views

CVE-2016-2865

The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 and Rational Collaborative Lifecycle Management 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 allows remote authenticated users to obtain sensitive information via a malformed re...

6.5CVSS5.8AI score0.00202EPSS

CVE•added 2018/07/06 2:29 p.m.•35 views

CVE-2017-1248

6.1CVSS6.2AI score0.00177EPSS

CVE•added 2019/03/14 11:0 p.m.•35 views

CVE-2018-1916

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...

5.4CVSS5.1AI score0.00229EPSS

CVE•added 2020/09/02 7:15 p.m.•35 views

CVE-2020-4546

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2015/03/18 10:59 a.m.•34 views

CVE-2014-6129

5.5CVSS6.3AI score0.00348EPSS

CVE•added 2017/02/15 7:59 p.m.•34 views

CVE-2016-8968

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998515.

5.4CVSS5.2AI score0.00657EPSS

CVE•added 2017/07/05 5:29 p.m.•34 views

CVE-2016-9733

IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119762.

5.4CVSS5.2AI score0.00272EPSS

CVE•added 2017/07/05 5:29 p.m.•34 views

CVE-2016-9746

5.4CVSS5.2AI score0.00272EPSS

CVE•added 2019/03/14 10:29 p.m.•34 views

CVE-2018-1823

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150...

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2019/03/14 11:0 p.m.•34 views

CVE-2018-1983

IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 154136...

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2015/06/07 6:59 p.m.•33 views

CVE-2015-0112

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 throug...

4CVSS6.3AI score0.00206EPSS

CVE•added 2016/11/25 8:59 p.m.•33 views

CVE-2016-2926

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 ...

5.4CVSS4.9AI score0.00541EPSS

CVE•added 2018/07/03 7:29 p.m.•33 views

CVE-2017-1250

5.4CVSS5.5AI score0.00182EPSS

CVE•added 2018/07/03 7:29 p.m.•33 views

CVE-2017-1315

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2019/03/14 10:29 p.m.•33 views

CVE-2018-1829

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2017/07/05 6:29 p.m.•32 views

CVE-2016-9700

IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.

4.3CVSS4.1AI score0.00177EPSS

CVE•added 2018/07/03 7:29 p.m.•32 views

CVE-2017-1317

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2019/03/14 10:29 p.m.•32 views

CVE-2018-1825

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2019/03/14 10:29 p.m.•31 views

CVE-2018-1658

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrar...

5.4CVSS5.3AI score0.00128EPSS

CVE•added 2019/03/14 10:29 p.m.•30 views

CVE-2018-1824

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2017/05/15 9:29 p.m.•29 views

CVE-2016-9735

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

4.3CVSS4.1AI score0.00204EPSS

Total number of security vulnerabilities144