Product:

Rational_engineering_lifecycle_manager

(Ibm)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 141
Date Id Summary Products Score Patch Annotated
2017-05-15 CVE-2016-9735 IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 4.3
2017-03-31 CVE-2016-9707 IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784. Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 8.1
2017-07-05 CVE-2016-9700 IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528. Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 4.3
2017-11-27 CVE-2016-6024 IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868. Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 4.3
2016-11-30 CVE-2016-3014 Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody... Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 5.4
2017-02-01 CVE-2016-2987 An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 4.3
2016-11-25 CVE-2016-2986 Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality Manager 6.x before 6.0.1 iFix6, Rational Team Concert 6.x before 6.0.1 iFix6, Rational DOORS Next Generation 6.x before 6.0.1 iFix6, Rational Engineering Lifecycle Manager 6.x before 6.0.1 iFix6, and Rational Rhapsody Design Manager 6.x before 6.0.1 iFix6 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_team_concert 5.4
2016-11-25 CVE-2016-2947 IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x before 4.0.7... Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 2.7
2016-11-25 CVE-2016-2926 Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational... Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 5.4
2016-11-24 CVE-2016-2864 Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11,... Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert 5.4