Rational_quality_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Rational_quality_manager
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	202

Date	Id	Summary	Products	Score	Patch	Annotated
2017-03-31	CVE-2016-9707	IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	8.1
2017-07-05	CVE-2016-9700	IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	4.3
2017-05-10	CVE-2016-6037	IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 116918.	Rational_quality_manager, Rational_team_concert	4.8
2017-03-31	CVE-2016-6036	IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.	Rational_quality_manager	5.4
2017-05-10	CVE-2016-6035	IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116896.	Rational_quality_manager, Rational_team_concert	5.4
2017-03-31	CVE-2016-6031	IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.	Rational_quality_manager	5.4
2017-11-27	CVE-2016-6024	IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	4.3
2017-03-31	CVE-2016-6022	IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.	Rational_quality_manager	5.4
2016-11-30	CVE-2016-3014	Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody...	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	5.4
2017-02-01	CVE-2016-2987	An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.	Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	4.3