CVE-2016-9697 — Sensitive Information Exposure in Corporation Rational Rhapsody Design Manager

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

3.1LOWNVD

EPSS

0.2%

top 60.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Corporation Rational Rhapsody Design Manager IBM Rational Rhapsody Design Manager

Timeline

PublishedMar 20

Latest updateMay 17

Description

An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed between the server and the browser. IBM Reference #: 1999960.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

▶NVDibm/rational_rhapsody_design_manager14 versions+13

▶CVEListV5ibm_corporation/rational_rhapsody_design_manager18 versions+17

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-rvx7-7748-vx4r: An unspecified vulnerability in IBM Rhapsody DM 4↗2022-05-17

▶

CVEList

CVE-2016-9697: An unspecified vulnerability in IBM Rhapsody DM 4↗2017-03-20

▶