Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
IBM Corporation

Rational Collaborative Lifecycle Management

19 Versions 17 CVEs

Versions

6.0

MAJOR_MINOR 13 CVEs

3.0.1.6

OTHER 13 CVEs

4.0.7

SEMANTIC 13 CVEs

4.0.2

SEMANTIC 13 CVEs

5.0.1

SEMANTIC 13 CVEs

4.0.6

SEMANTIC 13 CVEs

5.0.2

SEMANTIC 13 CVEs

3.0.1

SEMANTIC 13 CVEs

4.0.3

SEMANTIC 13 CVEs

6.0.2

SEMANTIC 13 CVEs

5.0

MAJOR_MINOR 13 CVEs

4.0.4

SEMANTIC 13 CVEs

4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 5.0, 4.0.7, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3

OTHER 1 CVE

4.0.5

SEMANTIC 13 CVEs

6.0.1

SEMANTIC 13 CVEs

4.0.1

SEMANTIC 13 CVEs

4.0.7, 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3

OTHER 3 CVEs

6.0.3

SEMANTIC 13 CVEs

4.0

MAJOR_MINOR 13 CVEs

Recent CVEs

CVE-2016-9735

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

UNKNOWN May 15, 2017

CVE-2016-6037

IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 116918.

UNKNOWN May 10, 2017

CVE-2016-6035

IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116896.

UNKNOWN May 10, 2017

CVE-2017-1103

IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM X-Force ID: 120665.

UNKNOWN May 10, 2017

CVE-2016-9707

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784.

UNKNOWN Mar 31, 2017

CVE-2016-2981

An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.

UNKNOWN Mar 20, 2017

CVE-2016-8968

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998515.

UNKNOWN Feb 15, 2017

CVE-2016-6032

IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

UNKNOWN Feb 08, 2017

CVE-2016-2866

An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user.

UNKNOWN Feb 08, 2017

CVE-2016-2987

An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.

UNKNOWN Feb 01, 2017