VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 12, 2014· Updated May 6, 2026

CVE-2014-3092

CVE-2014-3092

Description

IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Affected products

105
  • IBM/Rational Doors Next Generation8 versions
    cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*
  • IBM/Rational Engineering Lifecycle Manager7 versions
    cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:1.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.03:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.04:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.05:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.06:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*
  • IBM/Rational Quality Manager23 versions
    cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*+ 22 more
    • cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*
  • IBM/Rational Requirements Composer23 versions
    cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*+ 22 more
    • cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*
  • IBM/Rational Rhapsody Design Manager11 versions
    cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*
  • IBM/Rational Software Architect Design Manager12 versions
    cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*
  • IBM/Rational Team Concert21 versions
    cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.