VYPR

Rational Engineering Lifecycle Manager

by IBM

CVEs (118)

  • CVE-2017-1359MedOct 3, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2017-1335MedOct 3, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2017-1334MedOct 3, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2017-1324MedOct 3, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2017-1168MedAug 10, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a…

  • CVE-2016-9747MedJun 22, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

  • CVE-2016-9973MedJun 13, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120209.

  • CVE-2016-3014MedNov 30, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0…

  • CVE-2016-2926MedNov 25, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3;…

  • CVE-2016-2986MedNov 25, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality Manager 6.x before 6.0.1 iFix6, Rational Team Concert 6.x before 6.0.1 iFix6, Rational DOORS Next Generation 6.x before 6.0.1 iFix6, Rational…

  • CVE-2016-2864MedNov 24, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before…

  • CVE-2016-0285MedNov 24, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before…

  • CVE-2016-0284MedNov 24, 2016
    risk 0.35cvss 5.4epss 0.01

    The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before…

  • CVE-2016-0273MedNov 24, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before…

  • CVE-2018-1492MedJul 10, 2018
    risk 0.28cvss 4.3epss 0.00

    IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

  • CVE-2018-1423MedJul 10, 2018
    risk 0.28cvss 4.3epss 0.01

    IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

  • CVE-2017-1509MedJul 6, 2018
    risk 0.28cvss 4.3epss 0.01

    IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.

  • CVE-2017-1734MedApr 24, 2018
    risk 0.28cvss 4.3epss 0.01

    IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody…

  • CVE-2017-1725MedApr 24, 2018
    risk 0.28cvss 4.3epss 0.01

    IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody…

  • CVE-2015-7484MedJan 16, 2018
    risk 0.28cvss 4.3epss 0.01

    IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force…

Page 2 of 6