Rational Common Licensing
by IBM
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50946 | 0.00 | — | 0.00 | Jan 26, 2025 | IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. | |||
| CVE-2023-50945 | 0.00 | — | 0.00 | Jan 26, 2025 | IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. | |||
| CVE-2024-41774 | 0.00 | — | 0.00 | Aug 13, 2024 | IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. … | |||
| CVE-2024-40697 | 0.00 | — | 0.00 | Aug 13, 2024 | IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895. | |||
| CVE-2023-50306 | 0.00 | — | 0.00 | Feb 20, 2024 | IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337. | |||
| CVE-2011-1205 | 0.00 | — | 0.00 | Mar 29, 2011 | Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document… |
- CVE-2023-50946Jan 26, 2025risk 0.00cvss —epss 0.00
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism.
- CVE-2023-50945Jan 26, 2025risk 0.00cvss —epss 0.00
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user.
- CVE-2024-41774Aug 13, 2024risk 0.00cvss —epss 0.00
IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. …
- CVE-2024-40697Aug 13, 2024risk 0.00cvss —epss 0.00
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895.
- CVE-2023-50306Feb 20, 2024risk 0.00cvss —epss 0.00
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337.
- CVE-2011-1205Mar 29, 2011risk 0.00cvss —epss 0.00
Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document…