Ibm Rational Quality Manager vulnerabilities
201 known vulnerabilities affecting ibm/rational_quality_manager.
Total CVEs
201
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7MEDIUM182LOW12
Vulnerabilities
Page 6 of 11
CVE-2017-1738MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10
CVE-2017-1738 [MEDIUM] CWE-79 CVE-2017-1738: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnera
IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnerability that would allow an authenticated user to obtain elevated privileges. IBM X-Force ID: 134919.
cvelistv5nvd
CVE-2017-1509MEDIUMCVSS 4.3≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1509 [MEDIUM] CWE-200 CVE-2017-1509: IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.
cvelistv5nvd
CVE-2017-1242MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+7 more2018-07-06
CVE-2017-1242 [MEDIUM] CWE-94 CVE-2017-1242: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote att
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124524.
cvelistv5nvd
CVE-2017-1239MEDIUMCVSS 5.3≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+7 more2018-07-06
CVE-2017-1239 [MEDIUM] CWE-200 CVE-2017-1239: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357.
cvelistv5nvd
CVE-2017-1329MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+7 more2018-07-06
CVE-2017-1329 [MEDIUM] CWE-94 CVE-2017-1329: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote att
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231.
cvelistv5nvd
CVE-2017-1238MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+7 more2018-07-06
CVE-2017-1238 [MEDIUM] CWE-79 CVE-2017-1238: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This v
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124356.
cvelistv5nvd
CVE-2017-1237MEDIUMCVSS 5.4≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1237 [MEDIUM] CWE-79 CVE-2017-1237: IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users
IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.
cvelistv5nvd
CVE-2017-1488MEDIUMCVSS 5.3≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1488 [MEDIUM] CWE-200 CVE-2017-1488: An undisclosed vulnerability in Jazz common products exists with potential for information disclosur
An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.
cvelistv5nvd
CVE-2017-1559MEDIUMCVSS 4.3≥ 6.0.0, ≤ 6.0.5v5.0.1+7 more2018-07-06
CVE-2017-1559 [MEDIUM] CWE-200 CVE-2017-1559: Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts v
Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.
cvelistv5nvd
CVE-2017-1248MEDIUMCVSS 6.1≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+7 more2018-07-06
CVE-2017-1248 [MEDIUM] CWE-94 CVE-2017-1248: IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote att
IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628.
cvelistv5nvd
CVE-2017-1277MEDIUMCVSS 5.4v5.0.0v5.0.1+9 more2018-07-03
CVE-2017-1277 [MEDIUM] CWE-79 CVE-2017-1277: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1293MEDIUMCVSS 5.4v5.0.0v5.0.1+9 more2018-07-03
CVE-2017-1293 [MEDIUM] CWE-79 CVE-2017-1293: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1621MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-07-03
CVE-2017-1621 [MEDIUM] CWE-79 CVE-2017-1621: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1565MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-07-03
CVE-2017-1565 [MEDIUM] CWE-79 CVE-2017-1565: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1562MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-07-03
CVE-2017-1562 [MEDIUM] CWE-79 CVE-2017-1562: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1717MEDIUMCVSS 5.4v5.0.0v5.0.1+9 more2018-07-03
CVE-2017-1717 [MEDIUM] CWE-79 CVE-2017-1717: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1315MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-07-03
CVE-2017-1315 [MEDIUM] CWE-79 CVE-2017-1315: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1651MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-07-03
CVE-2017-1651 [MEDIUM] CWE-79 CVE-2017-1651: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1281MEDIUMCVSS 5.4v5.0.0v5.0.1+9 more2018-07-03
CVE-2017-1281 [MEDIUM] CWE-79 CVE-2017-1281: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd
CVE-2017-1690MEDIUMCVSS 5.4v5.0v5.0.1+7 more2018-07-03
CVE-2017-1690 [MEDIUM] CWE-79 CVE-2017-1690: IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 a
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
cvelistv5nvd