Rational Requirements Composer@3.0.1.5 Security Vulnerabilities and Issues — Rational Requirements Composer@3.0.1.5 CVE List

Lucene search

IbmRational Requirements Composer3.0.1.5

4 matches found

CVE•added 2014/09/12 1:55 a.m.•45 views

CVE-2014-3092

IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for r...

5CVSS6.2AI score0.00225EPSS

CVE•added 2014/03/04 10:55 p.m.•42 views

CVE-2014-0844

Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors.

3.5CVSS6.2AI score0.00158EPSS

CVE•added 2014/03/04 10:55 p.m.•35 views

CVE-2014-0846

Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00188EPSS

CVE•added 2014/03/04 10:55 p.m.•32 views

CVE-2014-0845

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

4.9CVSS6.2AI score0.0016EPSS