Rational Engineering Lifecycle Manager Security Vulnerabilities and Issues — Rational Engineering Lifecycle Manager CVE List

Lucene search

IbmRational Engineering Lifecycle Manager

6 matches found

CVE•added 2018/07/06 2:29 p.m.•50 views

CVE-2017-1237

IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2018/07/06 2:29 p.m.•49 views

CVE-2017-1509

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.

4.3CVSS4.3AI score0.00137EPSS

CVE•added 2018/07/06 2:29 p.m.•47 views

CVE-2017-1559

Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.

4.3CVSS5.6AI score0.00179EPSS

CVE•added 2018/07/06 2:29 p.m.•44 views

CVE-2017-1488

An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.

5.3CVSS4.9AI score0.00187EPSS

CVE•added 2018/07/10 4:29 p.m.•39 views

CVE-2018-1423

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

6.5CVSS6.1AI score0.00186EPSS

CVE•added 2018/07/10 4:29 p.m.•39 views

CVE-2018-1492

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

6.8CVSS6.3AI score0.00051EPSS