CVE-2015-1928Improper Input Validation in IBM Rational Collaborative Lifecycle Management

CWE-20Improper Input Validation4 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
0.3%
top 46.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
IBM Rational Collaborative Lifecycle ManagementIBM Rational Doors Next GenerationIBM Rational Engineering Lifecycle Manager+5 more
Timeline
PublishedJan 2
Latest updateMay 17

Description

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:NExploitability: 2.3 | Impact: 4.0

Affected Packages8 packages

NVDibm/rational_quality_manager23 versions+22

🔴Vulnerability Details

2
GHSA
GHSA-3ggw-j4v8-rwmq: Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 32022-05-17
CVEList
CVE-2015-1928: Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 32016-01-02

💬Community

1
Bugzilla
CVE-2015-4902 Oracle JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment)2015-10-21
CVE-2015-1928 — Improper Input Validation in IBM | cvebase