Ibm Rational Collaborative Lifecycle Management vulnerabilities
171 known vulnerabilities affecting ibm/rational_collaborative_lifecycle_management.
Total CVEs
171
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH9MEDIUM155LOW6
Vulnerabilities
Page 4 of 9
CVE-2018-1823MEDIUMCVSS 5.4≥ 5.0, ≤ 6.0.62019-03-14
CVE-2018-1823 [MEDIUM] CWE-79 CVE-2018-1823: IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerabi
IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150426.
nvd
CVE-2018-1762MEDIUMCVSS 5.4≥ 5.0.0, ≤ 6.0.6v5.0+9 more2018-11-29
CVE-2018-1762 [MEDIUM] CWE-79 CVE-2018-1762: IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerab
IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148616.
cvelistv5nvd
CVE-2018-1694MEDIUMCVSS 5.9≥ 5.0.0, ≤ 6.0.6v5.0+9 more2018-11-06
CVE-2018-1694 [MEDIUM] CVE-2018-1694: IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 thro
IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody D
cvelistv5nvd
CVE-2018-1606MEDIUMCVSS 4.3≥ 5.0.0, ≤ 6.0.6v5.0+9 more2018-11-06
CVE-2018-1606 [MEDIUM] CWE-200 CVE-2018-1606: IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.
IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Ratio
cvelistv5nvd
CVE-2018-1558MEDIUMCVSS 5.4≥ 5.0, ≤ 6.0.6v5.0+9 more2018-10-02
CVE-2018-1558 [MEDIUM] CWE-79 CVE-2018-1558: IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerabl
IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142956.
cvelistv5nvd
CVE-2018-1394MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-08-20
CVE-2018-1394 [MEDIUM] CWE-79 CVE-2018-1394: Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows use
Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425.
cvelistv5nvd
CVE-2017-1753MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-08-20
CVE-2017-1753 [MEDIUM] CWE-94 CVE-2017-1753: Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject mali
Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.
cvelistv5nvd
CVE-2018-1423MEDIUMCVSS 6.5≥ 5.0, ≤ 6.0.5v5.0+8 more2018-07-10
CVE-2018-1423 [MEDIUM] CWE-200 CVE-2018-1423: IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that
IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.
cvelistv5nvd
CVE-2018-1492MEDIUMCVSS 6.8≥ 5.0, ≤ 6.0.5v5.0+8 more2018-07-10
CVE-2018-1492 [MEDIUM] CWE-384 CVE-2018-1492: IBM Jazz Foundation products could allow a user with physical access to the system to log in as anot
IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.
cvelistv5nvd
CVE-2017-1509MEDIUMCVSS 4.3≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1509 [MEDIUM] CWE-200 CVE-2017-1509: IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.
cvelistv5nvd
CVE-2017-1238MEDIUMCVSS 5.4≥ 5.0.0, ≤ 6.0.32018-07-06
CVE-2017-1238 [MEDIUM] CWE-79 CVE-2017-1238: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This v
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124356.
nvd
CVE-2017-1239MEDIUMCVSS 5.3≥ 5.0.0, ≤ 6.0.32018-07-06
CVE-2017-1239 [MEDIUM] CWE-200 CVE-2017-1239: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357.
nvd
CVE-2017-1237MEDIUMCVSS 5.4≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1237 [MEDIUM] CWE-79 CVE-2017-1237: IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users
IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.
cvelistv5nvd
CVE-2017-1488MEDIUMCVSS 5.3≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1488 [MEDIUM] CWE-200 CVE-2017-1488: An undisclosed vulnerability in Jazz common products exists with potential for information disclosur
An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.
cvelistv5nvd
CVE-2017-1559MEDIUMCVSS 4.3≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1559 [MEDIUM] CWE-200 CVE-2017-1559: Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts v
Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.
cvelistv5nvd
CVE-2017-1242MEDIUMCVSS 5.4≥ 5.0.0, ≤ 6.0.32018-07-06
CVE-2017-1242 [MEDIUM] CWE-94 CVE-2017-1242: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote att
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124524.
nvd
CVE-2017-1248MEDIUMCVSS 6.1≥ 5.0.0, ≤ 6.0.32018-07-06
CVE-2017-1248 [MEDIUM] CWE-94 CVE-2017-1248: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote att
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628.
nvd
CVE-2017-1329MEDIUMCVSS 5.4≥ 5.0.0, ≤ 6.0.32018-07-06
CVE-2017-1329 [MEDIUM] CWE-94 CVE-2017-1329: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote att
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231.
nvd
CVE-2017-1277MEDIUMCVSS 5.4v5.0.0v5.0.1+9 more2018-07-03
CVE-2017-1277 [MEDIUM] CWE-79 CVE-2017-1277: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1293MEDIUMCVSS 5.4v5.0.0v5.0.1+9 more2018-07-03
CVE-2017-1293 [MEDIUM] CWE-79 CVE-2017-1293: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd