Rational Engineering Lifecycle Manager Security Vulnerabilities and Issues — Rational Engineering Lifecycle Manager CVE List

Lucene search

IbmRational Engineering Lifecycle Manager

9 matches found

CVE•added 2019/05/01 4:29 p.m.•44 views

CVE-2018-1608

IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 143798.

7.5CVSS7.2AI score0.00136EPSS

CVE•added 2019/06/27 2:15 p.m.•44 views

CVE-2019-4252

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.

7.5CVSS7.2AI score0.00612EPSS

CVE•added 2021/10/27 4:15 p.m.•44 views

CVE-2021-29774

IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.

7.5CVSS7.5AI score0.00269EPSS

CVE•added 2018/09/25 4:0 p.m.•43 views

CVE-2018-1607

IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 1...

7.1CVSS6.8AI score0.00359EPSS

CVE•added 2021/03/30 5:15 p.m.•43 views

CVE-2021-20502

IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 198059.

7.1CVSS7.2AI score0.00274EPSS

CVE•added 2018/03/15 10:29 p.m.•42 views

CVE-2015-7440

IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 ...

7.8CVSS7.3AI score0.00049EPSS

CVE•added 2021/04/12 6:15 p.m.•40 views

CVE-2020-4965

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.

7.5CVSS7.6AI score0.00111EPSS

CVE•added 2018/09/25 4:0 p.m.•31 views

CVE-2018-1588

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resour...

7.1CVSS6.8AI score0.00359EPSS

CVE•added 2018/11/02 3:29 p.m.•31 views

CVE-2018-1846

IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:...

7.1CVSS6.8AI score0.00351EPSS