Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rational_software_architect_design_manager
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 81 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-01-02 | CVE-2015-1971 | Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7;... | Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_requirements_composer, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert | 4.3 | ||
| 2016-01-02 | CVE-2015-1928 | Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before... | Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_requirements_composer, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert | 6.8 | ||
| 2015-04-27 | CVE-2015-0113 | The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through... | Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_requirements_composer, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert | N/A | ||
| 2015-06-07 | CVE-2015-0112 | Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational... | Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_requirements_composer, Rational_software_architect_design_manager, Rational_team_concert, Rhapsody_design_manager | N/A | ||
| 2014-09-11 | CVE-2014-3092 | IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_requirements_composer, Rational_rhapsody_design_manager, Rational_software_architect_design_manager, Rational_team_concert | N/A | ||
| 2014-09-10 | CVE-2014-3037 | Cross-site request forgery (CSRF) vulnerability in IBM Configuration Management Application (aka VVC) in IBM Rational Engineering Lifecycle Manager before 4.0.7 and 5.x before 5.0.1, Rational Software Architect Design Manager before 4.0.7 and 5.x before 5.0.1, and Rational Rhapsody Design Manager before 4.0.7 and 5.x before 5.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | Rational_engineering_lifecycle_manager, Rational_rhapsody_design_manager, Rational_software_architect_design_manager | N/A | ||
| 2014-07-30 | CVE-2014-0948 | Unspecified vulnerability in IBM Rational Software Architect Design Manager and Rational Rhapsody Design Manager 3.x and 4.x before 4.0.7 allows remote authenticated users to execute arbitrary code via a crafted ZIP archive. | Rational_software_architect_design_manager, Rhapsody_design_manager | N/A | ||
| 2014-07-30 | CVE-2014-0947 | Unspecified vulnerability in the server in IBM Rational Software Architect Design Manager 4.0.6 allows remote authenticated users to execute arbitrary code via a crafted update site. | Rational_software_architect_design_manager | N/A | ||
| 2014-04-21 | CVE-2013-5459 | Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking. | Rational_software_architect_design_manager, Rhapsody_design_manager | N/A | ||
| 2013-12-14 | CVE-2013-3043 | Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files. | Rational_software_architect_design_manager, Rhapsody_design_manager | N/A |