Rational Quality Manager Security Vulnerabilities and Issues — Page 4 of Rational Quality Manager CVE List

Lucene search

IbmRational Quality Manager

202 matches found

CVE•added 2018/10/02 3:29 p.m.•36 views

CVE-2018-1440

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/07/10 4:29 p.m.•36 views

CVE-2018-1549

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attack...

5.4CVSS5.3AI score0.00109EPSS

CVE•added 2020/04/08 2:15 p.m.•36 views

CVE-2019-4602

IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS5.2AI score0.00111EPSS

CVE•added 2015/03/18 10:59 a.m.•35 views

CVE-2014-6131

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x bef...

4CVSS6.2AI score0.00158EPSS

CVE•added 2015/03/18 10:59 a.m.•35 views

CVE-2015-0128

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0124.

3.5CVSS5.2AI score0.00188EPSS

CVE•added 2015/07/20 1:59 a.m.•35 views

CVE-2015-0130

Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x befor...

3.5CVSS5.2AI score0.00166EPSS

CVE•added 2018/03/20 9:29 p.m.•35 views

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Ration...

3.3CVSS3.5AI score0.00018EPSS

CVE•added 2018/07/06 2:29 p.m.•35 views

CVE-2017-1248

IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628.

6.1CVSS6.2AI score0.00177EPSS

CVE•added 2018/10/02 3:29 p.m.•35 views

CVE-2018-1605

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/10/02 3:29 p.m.•35 views

CVE-2018-1691

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2019/03/14 10:29 p.m.•35 views

CVE-2018-1759

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148...

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2019/03/14 11:0 p.m.•35 views

CVE-2018-1916

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...

5.4CVSS5.1AI score0.00229EPSS

CVE•added 2020/09/02 7:15 p.m.•35 views

CVE-2020-4546

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2021/01/27 5:15 p.m.•35 views

CVE-2020-4547

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victi...

5.4CVSS5.3AI score0.00089EPSS

CVE•added 2021/03/04 7:15 p.m.•35 views

CVE-2020-4975

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435.

5.4CVSS5.5AI score0.0025EPSS

CVE•added 2015/03/18 10:59 a.m.•34 views

CVE-2014-6129

5.5CVSS6.3AI score0.00348EPSS

CVE•added 2015/03/18 10:59 a.m.•34 views

CVE-2015-0124

3.5CVSS5.2AI score0.00188EPSS

CVE•added 2018/10/02 3:29 p.m.•34 views

CVE-2018-1395

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/07/10 4:29 p.m.•34 views

CVE-2018-1396

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.0018EPSS

CVE•added 2019/03/14 10:29 p.m.•34 views

CVE-2018-1823

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2020/04/08 2:15 p.m.•34 views

CVE-2019-4601

IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to obtain sensitive information from a stack trace that could aid in further attacks against the system.

4.3CVSS4.4AI score0.00119EPSS

CVE•added 2015/06/07 6:59 p.m.•33 views

CVE-2015-0112

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 throug...

4CVSS6.3AI score0.00206EPSS

CVE•added 2016/11/25 8:59 p.m.•33 views

CVE-2016-2926

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 ...

5.4CVSS4.9AI score0.00541EPSS

CVE•added 2018/07/03 7:29 p.m.•33 views

CVE-2017-1250

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.5AI score0.00182EPSS

CVE•added 2018/07/03 7:29 p.m.•33 views

CVE-2017-1315

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2018/07/10 4:29 p.m.•33 views

CVE-2017-1729

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2018/10/02 3:29 p.m.•33 views

CVE-2018-1405

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/10/04 3:0 p.m.•33 views

CVE-2018-1604

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2019/03/14 10:29 p.m.•33 views

CVE-2018-1763

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2019/03/14 10:29 p.m.•33 views

CVE-2018-1829

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2021/01/27 5:15 p.m.•33 views

CVE-2020-4524

IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434.

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2014/12/19 2:59 a.m.•32 views

CVE-2014-4801

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00166EPSS

CVE•added 2017/07/05 6:29 p.m.•32 views

CVE-2016-9700

IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.

4.3CVSS4.1AI score0.00177EPSS

CVE•added 2018/07/03 7:29 p.m.•32 views

CVE-2017-1317

5.4CVSS5.4AI score0.00175EPSS

CVE•added 2018/10/02 3:29 p.m.•32 views

CVE-2018-1601

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/10/04 3:0 p.m.•32 views

CVE-2018-1603

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2019/03/14 10:29 p.m.•32 views

CVE-2018-1764

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2019/03/14 10:29 p.m.•32 views

CVE-2018-1825

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2018/07/10 4:29 p.m.•31 views

CVE-2017-1792

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2018/10/02 3:29 p.m.•31 views

CVE-2018-1403

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/10/02 3:29 p.m.•31 views

CVE-2018-1557

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2017/03/31 6:59 p.m.•30 views

CVE-2016-6022

IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000...

5.4CVSS5.7AI score0.00227EPSS

CVE•added 2018/07/10 4:29 p.m.•30 views

CVE-2017-1793

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2018/10/02 3:29 p.m.•30 views

CVE-2018-1439

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2019/03/14 10:29 p.m.•30 views

CVE-2018-1824

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2017/05/10 2:29 p.m.•29 views

CVE-2016-6035

IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116896.

5.4CVSS5.5AI score0.00258EPSS

CVE•added 2017/05/15 9:29 p.m.•29 views

CVE-2016-9735

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

4.3CVSS4.1AI score0.00204EPSS

CVE•added 2018/10/02 3:29 p.m.•29 views

CVE-2018-1522

5.4CVSS5.4AI score0.00158EPSS

CVE•added 2018/07/10 4:29 p.m.•28 views

CVE-2018-1523

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2015/03/13 1:59 a.m.•27 views

CVE-2015-0129

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00166EPSS

Total number of security vulnerabilities202