Rational_quality_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Rational_quality_manager
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	202

Date	Id	Summary	Products	Score	Patch	Annotated
2017-06-13	CVE-2016-9973	IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120209.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	5.4
2017-05-15	CVE-2016-9735	IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	4.3
2017-03-31	CVE-2016-9707	IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	8.1
2017-07-05	CVE-2016-9700	IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	4.3
2017-05-10	CVE-2016-6037	IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 116918.	Rational_quality_manager, Rational_team_concert	4.8
2017-03-31	CVE-2016-6036	IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.	Rational_quality_manager	5.4
2017-05-10	CVE-2016-6035	IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116896.	Rational_quality_manager, Rational_team_concert	5.4
2017-03-31	CVE-2016-6031	IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.	Rational_quality_manager	5.4
2017-11-27	CVE-2016-6024	IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868.	Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert	4.3
2017-03-31	CVE-2016-6022	IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.	Rational_quality_manager	5.4