Rational Quality Manager@6.0.1 Security Vulnerabilities and Issues — Page 2 of Rational Quality Manager@6.0.1 CVE List

CVE-2017-1280

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00162EPSS

CVE-2017-1281

5.4CVSS5.4AI score0.00162EPSS

CVE-2017-1568

CVE-2017-1621

CVE-2017-1690

CVE•added 2018/07/10 4:29 p.m.•39 views

CVE-2017-1791

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2018/07/10 4:29 p.m.•39 views

CVE-2018-1423

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

6.5CVSS6.1AI score0.00186EPSS

CVE•added 2018/07/10 4:29 p.m.•39 views

CVE-2018-1492

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

6.8CVSS6.3AI score0.00051EPSS

CVE•added 2017/03/31 6:59 p.m.•38 views

CVE-2016-6036

IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Referenc...

5.4CVSS5.7AI score0.00227EPSS

CVE•added 2018/11/02 3:29 p.m.•38 views

CVE-2017-1609

IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2018/07/03 7:29 p.m.•38 views

CVE-2017-1651

CVE•added 2018/07/03 7:29 p.m.•38 views

CVE-2017-1691

CVE•added 2018/11/06 4:29 p.m.•38 views

CVE-2018-1606

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Man...

4.3CVSS4.3AI score0.00184EPSS

CVE•added 2016/10/22 3:59 a.m.•37 views

CVE-2016-0326

IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS commands via a crafted "HTML request."

8.8CVSS8.5AI score0.00894EPSS

CVE•added 2016/11/24 7:59 p.m.•37 views

CVE-2016-2864

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

5.4CVSS5.1AI score0.00168EPSS

CVE•added 2017/05/10 2:29 p.m.•37 views

CVE-2016-6037

IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting...

4.8CVSS5.8AI score0.00152EPSS

CVE•added 2018/07/06 2:29 p.m.•37 views

CVE-2017-1329

IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231.

5.4CVSS5.7AI score0.00129EPSS

CVE•added 2018/07/03 7:29 p.m.•37 views

CVE-2017-1561

CVE•added 2018/07/03 7:29 p.m.•37 views

CVE-2017-1564

5.4CVSS5.2AI score0.00175EPSS

CVE•added 2018/10/02 3:29 p.m.•37 views

CVE-2017-1649

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

CVE•added 2018/07/03 7:29 p.m.•37 views

CVE-2017-1715

CVE•added 2018/07/10 4:29 p.m.•37 views

CVE-2017-1738

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnerability that would allow an authenticated user to obtain elevated privileges. IBM X-Force ID: 134919.

6.3CVSS5.2AI score0.00121EPSS

CVE•added 2018/10/02 3:29 p.m.•37 views

CVE-2018-1692

CVE•added 2018/07/06 2:29 p.m.•36 views

CVE-2017-1238

IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

5.4CVSS5.3AI score0.00158EPSS

CVE•added 2018/07/03 7:29 p.m.•36 views

CVE-2017-1275

CVE•added 2018/07/03 7:29 p.m.•36 views

CVE-2017-1314

CVE•added 2018/10/02 3:29 p.m.•36 views

CVE-2018-1440

CVE•added 2018/07/10 4:29 p.m.•36 views

CVE-2018-1549

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attack...

5.4CVSS5.3AI score0.00109EPSS

CVE•added 2018/03/20 9:29 p.m.•35 views

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Ration...

3.3CVSS3.5AI score0.00018EPSS

CVE•added 2018/07/06 2:29 p.m.•35 views

CVE-2017-1248

6.1CVSS6.2AI score0.00177EPSS

CVE•added 2018/10/02 3:29 p.m.•35 views

CVE-2018-1605

CVE•added 2018/10/02 3:29 p.m.•35 views

CVE-2018-1691

CVE•added 2019/03/14 10:29 p.m.•35 views

CVE-2018-1759

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148...

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2018/10/02 3:29 p.m.•34 views

CVE-2018-1395

CVE•added 2018/07/10 4:29 p.m.•34 views

CVE-2018-1396

5.4CVSS5.2AI score0.0018EPSS

CVE•added 2019/03/14 10:29 p.m.•34 views

CVE-2018-1823

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2016/11/25 8:59 p.m.•33 views

CVE-2016-2926

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 ...

5.4CVSS4.9AI score0.00541EPSS

CVE•added 2018/07/03 7:29 p.m.•33 views

CVE-2017-1250

5.4CVSS5.5AI score0.00182EPSS

CVE•added 2018/07/03 7:29 p.m.•33 views

CVE-2017-1315