VYPR
Medium severity5.4NVD Advisory· Published Dec 27, 2017· Updated Jun 17, 2026

CVE-2017-1365

CVE-2017-1365

Description

IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 126858.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*range: >=4.0.0,<=6.0.4
    • (no CPE)range: 4.0, 5.0., and 6.0
    • (no CPE)range: 4.0
  • cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*
    Range: >=4.0.1,<=4.0.7
  • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*
    Range: >=4.0.3,<=4.0.7
  • cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*
    Range: >=4.0.0,<=4.0.7
  • cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*
    Range: >=4.0.0,<=4.0.7
  • cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*range: >=4.0.0,<=4.0.7
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*range: >=4.0.0,<=4.0.7
    • (no CPE)range: 4.0, 5.0., and 6.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.