Rhapsody Model Manager Security Vulnerabilities and Issues — Rhapsody Model Manager CVE List

Lucene search

IbmRhapsody Model Manager

23 matches found

CVE•added 2021/01/08 9:15 p.m.•72 views

CVE-2020-4697

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790.

5.4CVSS5.1AI score0.00236EPSS

CVE•added 2021/01/08 9:15 p.m.•68 views

CVE-2020-4544

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189.

4.3CVSS4.4AI score0.00112EPSS

CVE•added 2021/01/08 9:15 p.m.•67 views

CVE-2020-4487

4.3CVSS4.4AI score0.00112EPSS

CVE•added 2021/01/08 9:15 p.m.•66 views

CVE-2020-4733

5.4CVSS5.1AI score0.00179EPSS

CVE•added 2021/01/08 9:15 p.m.•61 views

CVE-2020-4691

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698.

5.4CVSS5.1AI score0.00236EPSS

CVE•added 2019/06/27 2:15 p.m.•52 views

CVE-2018-1827

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00208EPSS

CVE•added 2019/06/27 2:15 p.m.•50 views

CVE-2018-1758

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2021/01/27 5:15 p.m.•45 views

CVE-2021-20357

IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2019/06/27 2:15 p.m.•44 views

CVE-2018-1734

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.

4.3CVSS4.7AI score0.00156EPSS

CVE•added 2019/06/27 2:15 p.m.•44 views

CVE-2018-1760

5.4CVSS5.4AI score0.00208EPSS

CVE•added 2019/06/27 2:15 p.m.•44 views

CVE-2018-1826

5.4CVSS5.4AI score0.00208EPSS

CVE•added 2019/06/27 2:15 p.m.•41 views

CVE-2018-1893

5.4CVSS5.4AI score0.00208EPSS

CVE•added 2021/04/12 6:15 p.m.•41 views

CVE-2021-20519

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198441.

5.4CVSS5.6AI score0.00157EPSS

CVE•added 2021/04/12 6:15 p.m.•40 views

CVE-2020-4965

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.

7.5CVSS7.6AI score0.00111EPSS

CVE•added 2019/06/27 2:15 p.m.•39 views

CVE-2018-1828

5.4CVSS5.4AI score0.00208EPSS

CVE•added 2019/06/27 2:15 p.m.•39 views

CVE-2018-1892

5.4CVSS5.4AI score0.00208EPSS

CVE•added 2021/01/27 5:15 p.m.•38 views

CVE-2020-4865

5.4CVSS5.2AI score0.00208EPSS

CVE•added 2021/04/12 6:15 p.m.•38 views

CVE-2020-4920

IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396.

6.4CVSS5.5AI score0.00128EPSS

CVE•added 2021/01/27 5:15 p.m.•37 views

CVE-2020-4855

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2021/04/12 6:15 p.m.•37 views

CVE-2020-4964

IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419.

4.3CVSS5.2AI score0.00153EPSS

CVE•added 2021/01/27 5:15 p.m.•35 views

CVE-2020-4547

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victi...

5.4CVSS5.3AI score0.00089EPSS

CVE•added 2018/08/07 1:29 p.m.•33 views

CVE-2018-1690

IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145510.

5.4CVSS5.2AI score0.00182EPSS

CVE•added 2021/01/27 5:15 p.m.•33 views

CVE-2020-4524

5.4CVSS5.2AI score0.00158EPSS