Rational License Key Server Security Vulnerabilities and Issues — Rational License Key Server CVE List

Lucene search

IbmRational License Key Server

3 matches found

CVE•added 2014/09/10 10:55 a.m.•32 views

CVE-2014-3079

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to bypass authorization checks and visit unspecified URLs with license-usage data via a DESCRIBE clause in a SPARQL query.

2.1CVSS6.1AI score0.00373EPSS

CVE•added 2014/09/10 10:55 a.m.•31 views

CVE-2014-4756

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to hijack sessions via unspecified vectors.

3.5CVSS6.1AI score0.00275EPSS

CVE•added 2014/09/10 10:55 a.m.•29 views

CVE-2014-0909

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

5CVSS6.4AI score0.00349EPSS