CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-0844
https://notcve.org/view.php?id=CVE-2014-0844
Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors. Vulnerabilidad no especificada en IBM Rational Requirements Composer 3.x anterior a 3.0.1.6 iFix2 y 4.x anterior a 4.0.6 y Rational DOORS Next Generation 4.x anterior a 4.0.6 permite a usuarios remotos autenticados leer datos arbitrarios a través de vectores desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=swg21664412 https://exchange.xforce.ibmcloud.com/vulnerabilities/90718 •
CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-0846
https://notcve.org/view.php?id=CVE-2014-0846
Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Rational Requirements Composer 3.x anterior a 3.0.1.6 iFix2 y 4.x anterior a 4.0.6 y Rational DOORS Next Generation 4.x anterior a 4.0.6 permite a usuarios remotos autenticados inyectar script Web o HTML arbitrarios a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg21664412 http://www.securityfocus.com/bid/65917 https://exchange.xforce.ibmcloud.com/vulnerabilities/90720 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.5EPSS: 0%CPEs: 54EXPL: 0CVE-2013-5404
https://notcve.org/view.php?id=CVE-2013-5404
Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element. Vulenrabilidad Cross-site scripting (XSS) en la aplicación de búsqueda en IBM Rational Quality Manager (RQM) 2.0 a 2.0.1.1, 3.0.1.6 3.x antes iFix 1, 4.x antes de 4.0.5, tal como se utiliza en Rational Team Concert, Rational Requirements Composer, y otros productos, permite a usuarios remotos autenticados inyectar web scripts o HTML a través de vectores relacionados con un elemento IFRAME. • http://www-01.ibm.com/support/docview.wss?uid=swg21653689 https://exchange.xforce.ibmcloud.com/vulnerabilities/87318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2013-3037
https://notcve.org/view.php?id=CVE-2013-3037
Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors. Vulnerabilidad sin especificar en IBM Rational Requirements Composer anterior a 4.0.4 facilita a atacantes locales escalar privilegios través de vectores desconocidos • http://www-01.ibm.com/support/docview.wss?uid=swg21645927 https://exchange.xforce.ibmcloud.com/vulnerabilities/84689 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2013-3039
https://notcve.org/view.php?id=CVE-2013-3039
IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors. IBM Rational Requirements Composer anterior a v4.0.4 no realiza una autenticación adecuada, lo cual tiene un impacto no especificado y vectores de ataque remotos. • http://www-01.ibm.com/support/docview.wss?uid=swg21645927 https://exchange.xforce.ibmcloud.com/vulnerabilities/84709 • CWE-287: Improper Authentication •