Jazz Team Server
by IBM
CVEs (33)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-29713 | 0.00 | — | 0.00 | Oct 27, 2021 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||
| CVE-2021-29673 | 0.00 | — | 0.00 | Oct 27, 2021 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:… | |||
| CVE-2021-20519 | 0.00 | — | 0.01 | Apr 12, 2021 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:… | |||
| CVE-2020-4965 | 0.00 | — | 0.01 | Apr 12, 2021 | IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422. | |||
| CVE-2020-4964 | 0.00 | — | 0.01 | Apr 12, 2021 | IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419. | |||
| CVE-2020-4920 | 0.00 | — | 0.01 | Apr 12, 2021 | IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2020-4546 | 0.00 | — | 0.01 | Sep 2, 2020 | IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2020-4445 | 0.00 | — | 0.01 | Sep 2, 2020 | IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2019-4748 | 0.00 | — | 0.01 | Jul 16, 2020 | IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2015-0112 | 0.00 | — | 0.01 | Jun 7, 2015 | Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team… | |||
| CVE-2014-6131 | 0.00 | — | 0.01 | Mar 18, 2015 | IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team… | |||
| CVE-2014-6129 | 0.00 | — | 0.01 | Mar 18, 2015 | IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team… | |||
| CVE-2014-0862 | 0.00 | — | 0.04 | Mar 2, 2014 | Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors. |
- CVE-2021-29713Oct 27, 2021risk 0.00cvss —epss 0.00
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
- CVE-2021-29673Oct 27, 2021risk 0.00cvss —epss 0.00
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…
- CVE-2021-20519Apr 12, 2021risk 0.00cvss —epss 0.01
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…
- CVE-2020-4965Apr 12, 2021risk 0.00cvss —epss 0.01
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.
- CVE-2020-4964Apr 12, 2021risk 0.00cvss —epss 0.01
IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419.
- CVE-2020-4920Apr 12, 2021risk 0.00cvss —epss 0.01
IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2020-4546Sep 2, 2020risk 0.00cvss —epss 0.01
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2020-4445Sep 2, 2020risk 0.00cvss —epss 0.01
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2019-4748Jul 16, 2020risk 0.00cvss —epss 0.01
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2015-0112Jun 7, 2015risk 0.00cvss —epss 0.01
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team…
- CVE-2014-6131Mar 18, 2015risk 0.00cvss —epss 0.01
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team…
- CVE-2014-6129Mar 18, 2015risk 0.00cvss —epss 0.01
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team…
- CVE-2014-0862Mar 2, 2014risk 0.00cvss —epss 0.04
Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors.
Page 2 of 2