CVE-2015-0113 — Sensitive Information Exposure in IBM Rational Collaborative Lifecycle Management

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 41.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Rational Collaborative Lifecycle Management IBM Rational Doors Next Generation IBM Rational Engineering Lifecycle Manager +5 more

Timeline

PublishedApr 27

Latest updateMay 17

Description

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, an…

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages8 packages

▶NVDibm/rational_software_architect_design_manager11 versions+10

▶NVDibm/rational_rhapsody_design_manager11 versions+10

▶NVDibm/rational_engineering_lifecycle_manager8 versions+7

▶NVDibm/rational_quality_manager12 versions+11

▶NVDibm/rational_collaborative_lifecycle_management11 versions+10

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-5vm2-x4wp-rqq8: The Jazz help system in IBM Rational Collaborative Lifecycle Management 4↗2022-05-17

▶

CVEList

CVE-2015-0113: The Jazz help system in IBM Rational Collaborative Lifecycle Management 4↗2015-04-27

▶