CVE-2015-4962
3.5
Vector
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.1 / Impact: 1.4
Source: NVD
Description
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors.
Affected (131)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0.1 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.1 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.0.1 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0.0.1 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0.1 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.1 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.1 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.0.1 |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.