CVE-2014-6131Sensitive Information Exposure in IBM Rational Collaborative Lifecycle Management

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.2%
top 63.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
IBM Rational Collaborative Lifecycle ManagementIBM Rational Doors Next GenerationIBM Rational Quality Manager+2 more
Timeline
PublishedMar 18
Latest updateMay 17

Description

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x befor

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages5 packages

NVDibm/rational_team_concert23 versions+22
NVDibm/rational_quality_manager25 versions+24

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-mvxf-hqpf-5jjj: IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 32022-05-17
CVEList
CVE-2014-6131: IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 32015-03-18
CVE-2014-6131 — Sensitive Information Exposure in IBM | cvebase