CVE-2016-9748

CWE-200 — Information Exposure3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.2%

top 60.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Corporation Rational Doors Next Generation IBM Rational Doors Next Generation IBM Rational Requirements Composer

Timeline

PublishedFeb 8

Latest updateMay 17

Description

IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

▶NVDibm/rational_doors_next_generation7 versions+6

▶CVEListV5ibm_corporation/rational_doors_next_generation13 versions+12

▶NVDibm/rational_requirements_composer4.0.7

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-363q-g58w-9xvh: IBM Rational DOORS Next Generation 5↗2022-05-17

▶

CVEList

CVE-2016-9748: IBM Rational DOORS Next Generation 5↗2017-02-08

▶