Lucene search

K
IbmRational Team Concert6.0.2

86 matches found

CVE
CVE
added 2018/04/24 2:29 p.m.40 views

CVE-2017-1734

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody...

4.3CVSS4.5AI score0.0021EPSS
CVE
CVE
added 2019/03/14 11:0 p.m.40 views

CVE-2018-1982

IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 154135...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2021/03/04 7:15 p.m.40 views

CVE-2020-4856

IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190459.

6.4CVSS5.4AI score0.0025EPSS
CVE
CVE
added 2021/04/12 6:15 p.m.40 views

CVE-2020-4965

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.

7.5CVSS7.6AI score0.00111EPSS
CVE
CVE
added 2021/03/04 7:15 p.m.40 views

CVE-2021-20350

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194707.

5.4CVSS5.5AI score0.00208EPSS
CVE
CVE
added 2021/10/27 4:15 p.m.40 views

CVE-2021-29786

IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.

6.5CVSS6.6AI score0.00087EPSS
CVE
CVE
added 2016/11/24 7:59 p.m.39 views

CVE-2016-0285

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

5.4CVSS5.1AI score0.00168EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.39 views

CVE-2018-1423

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

6.5CVSS6.1AI score0.00186EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.39 views

CVE-2018-1492

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

6.8CVSS6.3AI score0.00051EPSS
CVE
CVE
added 2020/07/16 3:15 p.m.39 views

CVE-2019-4747

IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172887.

5.4CVSS5.3AI score0.00179EPSS
CVE
CVE
added 2021/03/04 7:15 p.m.39 views

CVE-2020-4863

IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566.

6.4CVSS5.4AI score0.00177EPSS
CVE
CVE
added 2018/11/06 4:29 p.m.38 views

CVE-2018-1606

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Man...

4.3CVSS4.3AI score0.00184EPSS
CVE
CVE
added 2019/03/14 11:0 p.m.38 views

CVE-2018-1984

IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 154137...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2020/07/16 3:15 p.m.38 views

CVE-2019-4748

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174.

5.4CVSS5.2AI score0.00179EPSS
CVE
CVE
added 2021/04/12 6:15 p.m.38 views

CVE-2020-4920

IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396.

6.4CVSS5.5AI score0.00128EPSS
CVE
CVE
added 2016/11/24 7:59 p.m.37 views

CVE-2016-2864

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be...

5.4CVSS5.1AI score0.00168EPSS
CVE
CVE
added 2017/05/10 2:29 p.m.37 views

CVE-2016-6037

IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting...

4.8CVSS5.8AI score0.00152EPSS
CVE
CVE
added 2018/10/29 3:29 p.m.37 views

CVE-2018-1766

IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IB...

5.4CVSS5.2AI score0.00111EPSS
CVE
CVE
added 2021/04/12 6:15 p.m.37 views

CVE-2020-4964

IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419.

4.3CVSS5.2AI score0.00153EPSS
CVE
CVE
added 2017/07/05 5:29 p.m.36 views

CVE-2017-1113

IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1...

5.4CVSS5.2AI score0.00272EPSS
CVE
CVE
added 2018/04/23 1:29 p.m.36 views

CVE-2017-1701

IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.

8.8CVSS8.2AI score0.00074EPSS
CVE
CVE
added 2018/03/20 9:29 p.m.35 views

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Ration...

3.3CVSS3.5AI score0.00018EPSS
CVE
CVE
added 2016/11/24 7:59 p.m.35 views

CVE-2016-0325

IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 3.0....

7.5CVSS6.4AI score0.0047EPSS
CVE
CVE
added 2020/09/02 7:15 p.m.35 views

CVE-2020-4546

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.

5.4CVSS5.2AI score0.00236EPSS
CVE
CVE
added 2021/03/04 7:15 p.m.35 views

CVE-2020-4975

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435.

5.4CVSS5.5AI score0.0025EPSS
CVE
CVE
added 2017/07/05 5:29 p.m.34 views

CVE-2016-9733

IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119762.

5.4CVSS5.2AI score0.00272EPSS
CVE
CVE
added 2017/07/05 5:29 p.m.34 views

CVE-2016-9746

IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119821.

5.4CVSS5.2AI score0.00272EPSS
CVE
CVE
added 2019/03/14 11:0 p.m.34 views

CVE-2018-1983

IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 154136...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2016/11/25 8:59 p.m.33 views

CVE-2016-2926

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 ...

5.4CVSS4.9AI score0.00541EPSS
CVE
CVE
added 2018/07/10 3:29 p.m.33 views

CVE-2018-1407

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.32 views

CVE-2016-9700

IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.

4.3CVSS4.1AI score0.00177EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.32 views

CVE-2018-1761

IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148615...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2018/07/10 3:29 p.m.31 views

CVE-2018-1408

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2018/07/10 3:29 p.m.30 views

CVE-2018-1521

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.2AI score0.0018EPSS
CVE
CVE
added 2017/05/10 2:29 p.m.29 views

CVE-2016-6035

IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116896.

5.4CVSS5.5AI score0.00258EPSS
CVE
CVE
added 2017/05/15 9:29 p.m.29 views

CVE-2016-9735

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

4.3CVSS4.1AI score0.00204EPSS
Total number of security vulnerabilities86