Lucene search

K
IbmRational Doors Next Generation

40 matches found

CVE
CVE
added 2018/07/06 2:29 p.m.50 views

CVE-2017-1237

IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.49 views

CVE-2017-1509

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.

4.3CVSS4.3AI score0.00137EPSS
CVE
CVE
added 2018/03/15 10:29 p.m.47 views

CVE-2015-7453

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4....

6.1CVSS5.7AI score0.00187EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.47 views

CVE-2017-1559

Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.

4.3CVSS5.6AI score0.00179EPSS
CVE
CVE
added 2018/03/23 7:29 p.m.46 views

CVE-2017-1629

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4CVSS5.2AI score0.00216EPSS
CVE
CVE
added 2018/04/24 2:29 p.m.46 views

CVE-2017-1700

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody...

6.5CVSS6.2AI score0.00269EPSS
CVE
CVE
added 2018/04/24 2:29 p.m.46 views

CVE-2017-1725

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody...

4.3CVSS4.7AI score0.00252EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.44 views

CVE-2017-1488

An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.

5.3CVSS4.9AI score0.00187EPSS
CVE
CVE
added 2018/06/27 6:29 p.m.44 views

CVE-2018-1457

An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208.

9.8CVSS9AI score0.00461EPSS
CVE
CVE
added 2018/01/16 7:29 p.m.43 views

CVE-2016-0219

XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693.

6.5CVSS5.9AI score0.00395EPSS
CVE
CVE
added 2018/03/15 10:29 p.m.42 views

CVE-2015-7440

IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 ...

7.8CVSS7.3AI score0.00049EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.42 views

CVE-2017-1653

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.1AI score0.00574EPSS
CVE
CVE
added 2018/08/20 9:29 p.m.42 views

CVE-2017-1753

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.

5.4CVSS5.5AI score0.00078EPSS
CVE
CVE
added 2018/04/12 3:29 p.m.42 views

CVE-2017-1790

IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...

5.4CVSS5.2AI score0.00198EPSS
CVE
CVE
added 2018/08/20 9:29 p.m.42 views

CVE-2018-1394

Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425.

5.4CVSS5.2AI score0.00105EPSS
CVE
CVE
added 2018/08/06 2:29 p.m.42 views

CVE-2018-1422

IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credenti...

5.4CVSS5.2AI score0.00151EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.42 views

CVE-2018-1558

IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

5.4CVSS5.1AI score0.00158EPSS
CVE
CVE
added 2018/03/23 7:29 p.m.41 views

CVE-2017-1524

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970.

4.3CVSS4.3AI score0.00264EPSS
CVE
CVE
added 2018/03/23 7:29 p.m.41 views

CVE-2017-1602

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.

4.3CVSS4.5AI score0.00165EPSS
CVE
CVE
added 2018/03/23 7:29 p.m.41 views

CVE-2017-1655

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4CVSS5.2AI score0.00216EPSS
CVE
CVE
added 2018/11/06 4:29 p.m.41 views

CVE-2018-1694

IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5...

5.9CVSS5.4AI score0.00266EPSS
CVE
CVE
added 2018/04/24 2:29 p.m.40 views

CVE-2017-1734

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody...

4.3CVSS4.5AI score0.0021EPSS
CVE
CVE
added 2018/03/15 10:29 p.m.39 views

CVE-2015-7471

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4....

4.8CVSS4.9AI score0.00132EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.39 views

CVE-2018-1423

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

6.5CVSS6.1AI score0.00186EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.39 views

CVE-2018-1492

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

6.8CVSS6.3AI score0.00051EPSS
CVE
CVE
added 2018/09/26 3:29 p.m.39 views

CVE-2018-1610

IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00158EPSS
CVE
CVE
added 2018/11/29 5:0 p.m.39 views

CVE-2018-1762

IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

5.4CVSS5.1AI score0.00229EPSS
CVE
CVE
added 2018/11/06 4:29 p.m.38 views

CVE-2018-1606

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Man...

4.3CVSS4.3AI score0.00184EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.37 views

CVE-2017-1545

IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical access to the system to log into the application using previously stored credentials. IBM X-Force ID: 130914.

6.8CVSS6.1AI score0.00065EPSS
CVE
CVE
added 2018/07/19 2:29 p.m.37 views

CVE-2018-1529

IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentia...

5.4CVSS5.2AI score0.00237EPSS
CVE
CVE
added 2018/03/23 7:29 p.m.36 views

CVE-2017-1762

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4CVSS5.2AI score0.00216EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.36 views

CVE-2018-1494

IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2018/03/20 9:29 p.m.35 views

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Ration...

3.3CVSS3.5AI score0.00018EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.35 views

CVE-2017-1515

IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825.

4.3CVSS4.6AI score0.0037EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.34 views

CVE-2017-1516

IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the v...

5.4CVSS5.7AI score0.00251EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.33 views

CVE-2017-1540

IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130808.

5.4CVSS5.3AI score0.00237EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.32 views

CVE-2017-1563

IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131763.

5.4CVSS5.3AI score0.00237EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.31 views

CVE-2017-1567

IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131769.

5.4CVSS5.3AI score0.00316EPSS
CVE
CVE
added 2018/06/27 6:29 p.m.31 views

CVE-2018-1507

IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141415.

5.4CVSS5.2AI score0.00234EPSS
CVE
CVE
added 2018/01/26 9:29 p.m.30 views

CVE-2017-1532

IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130411.

5.4CVSS5.3AI score0.00316EPSS