CVE-2015-1928
6.8
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N
Exploitability: 2.3 / Impact: 4.0
Source: NVD
Description
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
Affected (131)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.1 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0.1 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.0.1 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0.0.1 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.1 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.1 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0.1 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.0.1 |
References (10)
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.