CVE-2018-1606
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796.
Las aplicaciones basadas en IBM Jazz (IBM Rational Collaborative Lifecycle Management en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.6, IBM Rational DOORS Next Generation en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.6, IBM Rational Engineering Lifecycle Manager en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.6, IBM Rational Quality Manager en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.6, IBM Rational Rhapsody Design Manager en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.6, IBM Rational Software Architect Design Manager en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.1, y IBM Rational Team Concert en versiones 5.0 hasta la 5.02 y versiones 6.0 hasta la 6.0.6) podría permitir que un usuario autenticado obtenga información sensible de un mensaje de error que podría emplearse en más ataques contra el sistema. IBM X-Force ID: 143796.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-13 CVE Reserved
- 2018-11-06 CVE Published
- 2024-09-11 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.ibm.com/support/docview.wss?uid=ibm10738301 | 2019-10-09 |
URL | Date | SRC |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/143796 | 2019-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ibm Search vendor "Ibm" | Rational Collaborative Lifecycle Management Search vendor "Ibm" for product "Rational Collaborative Lifecycle Management" | >= 5.0.0 <= 6.0.6 Search vendor "Ibm" for product "Rational Collaborative Lifecycle Management" and version " >= 5.0.0 <= 6.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | >= 5.0.0 <= 5.0.2 Search vendor "Ibm" for product "Rational Doors Next Generation" and version " >= 5.0.0 <= 5.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Doors Next Generation Search vendor "Ibm" for product "Rational Doors Next Generation" | >= 6.0.0 <= 6.0.6 Search vendor "Ibm" for product "Rational Doors Next Generation" and version " >= 6.0.0 <= 6.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Engineering Lifecycle Manager Search vendor "Ibm" for product "Rational Engineering Lifecycle Manager" | >= 5.0.0 <= 5.0.2 Search vendor "Ibm" for product "Rational Engineering Lifecycle Manager" and version " >= 5.0.0 <= 5.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Engineering Lifecycle Manager Search vendor "Ibm" for product "Rational Engineering Lifecycle Manager" | >= 6.0.0 <= 6.0.6 Search vendor "Ibm" for product "Rational Engineering Lifecycle Manager" and version " >= 6.0.0 <= 6.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Quality Manager Search vendor "Ibm" for product "Rational Quality Manager" | >= 5.0.0 <= 5.0.2 Search vendor "Ibm" for product "Rational Quality Manager" and version " >= 5.0.0 <= 5.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Quality Manager Search vendor "Ibm" for product "Rational Quality Manager" | >= 6.0.0 <= 6.0.6 Search vendor "Ibm" for product "Rational Quality Manager" and version " >= 6.0.0 <= 6.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Rhapsody Design Manager Search vendor "Ibm" for product "Rational Rhapsody Design Manager" | >= 5.0.0 <= 5.0.2 Search vendor "Ibm" for product "Rational Rhapsody Design Manager" and version " >= 5.0.0 <= 5.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Rhapsody Design Manager Search vendor "Ibm" for product "Rational Rhapsody Design Manager" | >= 6.0.0 <= 6.0.6 Search vendor "Ibm" for product "Rational Rhapsody Design Manager" and version " >= 6.0.0 <= 6.0.6" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Software Architect Design Manager Search vendor "Ibm" for product "Rational Software Architect Design Manager" | >= 5.0.0 <= 5.0.2 Search vendor "Ibm" for product "Rational Software Architect Design Manager" and version " >= 5.0.0 <= 5.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Software Architect Design Manager Search vendor "Ibm" for product "Rational Software Architect Design Manager" | >= 6.0.0 <= 6.0.1 Search vendor "Ibm" for product "Rational Software Architect Design Manager" and version " >= 6.0.0 <= 6.0.1" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Team Concert Search vendor "Ibm" for product "Rational Team Concert" | >= 5.0.0 <= 5.0.2 Search vendor "Ibm" for product "Rational Team Concert" and version " >= 5.0.0 <= 5.0.2" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Rational Team Concert Search vendor "Ibm" for product "Rational Team Concert" | >= 6.0.0 <= 6.0.6 Search vendor "Ibm" for product "Rational Team Concert" and version " >= 6.0.0 <= 6.0.6" | - |
Affected
|