Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:rational_requirements_composer:3.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-0112 |
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Published: June 07, 2015; 2:59:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2013-3039 |
IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors. Published: September 12, 2013; 9:28:32 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
CVE-2013-3038 |
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors. Published: September 12, 2013; 9:28:31 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
CVE-2013-3037 |
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors. Published: September 12, 2013; 9:28:31 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2013-3036 |
Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. Published: September 12, 2013; 9:28:31 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.9 MEDIUM |