U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*
There are 109 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2017-1313

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125724.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1312

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125723.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1306

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125460.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1299

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1294

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125155.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1293

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125154.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1281

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124759.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1280

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124758.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1277

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124752.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1275

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124750.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1250

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force 124630.

Published: July 03, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1734

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915.

Published: April 24, 2018; 10:29:00 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-1725

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) contain an undisclosed vulnerability with the potential for information disclosure. IBM X-Force ID: 134820.

Published: April 24, 2018; 10:29:00 AM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-1700

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) could allow an authenticated user to cause a denial of service due to incorrect authorization for resource intensive scenarios. IBM X-Force ID: 134392.

Published: April 24, 2018; 10:29:00 AM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-1701

IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.

Published: April 23, 2018; 9:29:00 AM -0400
V3.0: 8.8 HIGH
V2.0: 4.0 MEDIUM
CVE-2017-1762

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136006.

Published: March 23, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1655

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379.

Published: March 23, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1629

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133127.

Published: March 23, 2018; 3:29:00 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-1602

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.

Published: March 23, 2018; 3:29:00 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2017-1524

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970.

Published: March 23, 2018; 3:29:00 PM -0400
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM