CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0CVE-2017-1725
https://notcve.org/view.php?id=CVE-2017-1725
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) contain an undisclosed vulnerability with the potential for information disclosure. IBM X-Force ID: 134820. IBM Jazz Team Server afecta a los siguientes productos IBM Rational: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) y Rational Software Architect (RSA DM) contienen una vulnerabilidad no revelada que tiene el potencial de provocar una divulgación de información. IBM X-Force ID: 134820. • http://www.ibm.com/support/docview.wss?uid=swg22015635 https://exchange.xforce.ibmcloud.com/vulnerabilities/134820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 32EXPL: 0CVE-2017-1524
https://notcve.org/view.php?id=CVE-2017-1524
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970. IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 y 6.0) podría permitir que un usuario autenticado obtenga información sensible de una petición HTTP especialmente manipulada que podría emplear como ayuda para futuros ataques. IBM X-Force ID: 129970. • http://www.ibm.com/support/docview.wss?uid=swg22014815 http://www.securityfocus.com/bid/103477 https://exchange.xforce.ibmcloud.com/vulnerabilities/129970 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 19EXPL: 0CVE-2017-1655
https://notcve.org/view.php?id=CVE-2017-1655
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379. IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 y 6.0) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22014815 http://www.securityfocus.com/bid/103477 https://exchange.xforce.ibmcloud.com/vulnerabilities/133379 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 32EXPL: 0CVE-2017-1602
https://notcve.org/view.php?id=CVE-2017-1602
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625. IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 y 6.0) podría permitir a un usuario autenticado acceder a ajustes para los que no debería estar autorizado mediante una URL especialmente manipulada. IBM X-Force ID: 132625. • http://www.ibm.com/support/docview.wss?uid=swg22014815 http://www.securityfocus.com/bid/103477 https://exchange.xforce.ibmcloud.com/vulnerabilities/132625 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.4EPSS: 0%CPEs: 19EXPL: 0CVE-2017-1629
https://notcve.org/view.php?id=CVE-2017-1629
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133127. IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 y 6.0) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22014815 http://www.securityfocus.com/bid/103477 https://exchange.xforce.ibmcloud.com/vulnerabilities/133127 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •