Page 12 of 84 results (0.007 seconds)

CVSS: 3.3EPSS: 0%CPEs: 44EXPL: 0

CVE-2015-7449

https://notcve.org/view.php?id=CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221. IBM Rational Collaborative Lifecycle Management (CLM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Quality Manager (RQM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Team Concert (RTC) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Requirements Composer (RRC) en versiones 4.0.x anteriores a la 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y versiones 6.0.2 anteriores a la iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6 y versiones 4.0.7 anteriores a iFix1, versiones 5.0.x anteriores a la 5.0.2 iFix1 y versiones 6.0.x anteriores a la 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) en versiones 4.0.x anteriores a la 4.0.7 iFix10, versiones 5.0.x anteriores a la 5.0.2 iFix15, versiones 6.0.x anteriores a la 6.0.1 iFix5 y en versiones 6.0.2 anteriores a iFix2 podrían permitir que los usuarios locales obtengan información sensible aprovechando el cifrado débil. IBM X-Force ID: 108221. • http://www-01.ibm.com/support/docview.wss?uid=swg21985143 https://exchange.xforce.ibmcloud.com/vulnerabilities/108221 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-326: Inadequate Encryption Strength •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-1462

https://notcve.org/view.php?id=CVE-2017-1462

IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128461. IBM Rhapsody DM 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22013739 http://www.securityfocus.com/bid/103127 http://www.securitytracker.com/id/1040393 https://exchange.xforce.ibmcloud.com/vulnerabilities/128461 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-1653

https://notcve.org/view.php?id=CVE-2017-1653

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133268. IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22012712 http://www.securityfocus.com/bid/102853 http://www.securitytracker.com/id/1040305 http://www.securitytracker.com/id/1040306 http://www.securitytracker.com/id/1040307 https://exchange.xforce.ibmcloud.com/vulnerabilities/133268 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0

CVE-2017-1191

https://notcve.org/view.php?id=CVE-2017-1191

An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. IBM X-Force ID: 123661. Es posible que una vulnerabilidad no revelada en las aplicaciones CLM (incluido IBM Rational Collaborative Lifecycle Management 4.0, 5.0 y 6.0) no restrinja el acceso URL. IBM X-Force ID: 123661. • http://www.ibm.com/support/docview.wss?uid=swg22011815 https://exchange.xforce.ibmcloud.com/vulnerabilities/123661 •

CVSS: 5.4EPSS: 0%CPEs: 22EXPL: 0

CVE-2017-1365

https://notcve.org/view.php?id=CVE-2017-1365

IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 126858. IBM Team Concert (RTC incluido IBM Rational Collaborative Lifecycle Management 4.0, 5.0 y 6.0) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22011815 https://exchange.xforce.ibmcloud.com/vulnerabilities/126858 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •