CVE-2016-2947

Published: Nov 25, 2016Modified: May 6, 2026

2.7

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.2 / Impact: 1.4

Source: NVD

Description

IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5 allow remote authenticated users to obtain sensitive information via unspecified vectors.

Affected (101)

Products: Ibm: Rational Team Concert, Rational Rhapsody Design Manager, Rational Software Architect Design Manager, Rational Doors Next Generation, Rational Collaborative Lifecycle Management, Rational Engineering Lifecycle Manager, Rational Quality Manager

Ibm

7 products

Rational Team Concert

Rational Rhapsody Design Manager

Rational Software Architect Design Manager

Rational Doors Next Generation

Rational Collaborative Lifecycle Management

Rational Engineering Lifecycle Manager

Rational Quality Manager

Configuration A

15 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Team Concert	Version 3.0.1.6
Ibm Rational Team Concert	Version 4.0.0
Ibm Rational Team Concert	Version 4.0.1
Ibm Rational Team Concert	Version 4.0.2
Ibm Rational Team Concert	Version 4.0.3
Ibm Rational Team Concert	Version 4.0.4
Ibm Rational Team Concert	Version 4.0.5
Ibm Rational Team Concert	Version 4.0.6
Ibm Rational Team Concert	Version 4.0.7
Ibm Rational Team Concert	Version 5.0.0
Ibm Rational Team Concert	Version 5.0.1
Ibm Rational Team Concert	Version 5.0.2
Ibm Rational Team Concert	Version 6.0.0
Ibm Rational Team Concert	Version 6.0.1
Ibm Rational Team Concert	Version 6.0.2

Configuration B

14 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Rhapsody Design Manager	Version 4.0.1
Ibm Rational Rhapsody Design Manager	Version 4.0.2
Ibm Rational Rhapsody Design Manager	Version 4.0.3
Ibm Rational Rhapsody Design Manager	Version 4.0.4
Ibm Rational Rhapsody Design Manager	Version 4.0.5
Ibm Rational Rhapsody Design Manager	Version 4.0.6
Ibm Rational Rhapsody Design Manager	Version 4.0.7
Ibm Rational Rhapsody Design Manager	Version 4.0
Ibm Rational Rhapsody Design Manager	Version 5.0.0
Ibm Rational Rhapsody Design Manager	Version 5.0.1
Ibm Rational Rhapsody Design Manager	Version 5.0.2
Ibm Rational Rhapsody Design Manager	Version 6.0.0
Ibm Rational Rhapsody Design Manager	Version 6.0.1
Ibm Rational Rhapsody Design Manager	Version 6.0.2

Configuration C

14 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Software Architect Design Manager	Version 4.0.0
Ibm Rational Software Architect Design Manager	Version 4.0.1
Ibm Rational Software Architect Design Manager	Version 4.0.2
Ibm Rational Software Architect Design Manager	Version 4.0.3
Ibm Rational Software Architect Design Manager	Version 4.0.4
Ibm Rational Software Architect Design Manager	Version 4.0.5
Ibm Rational Software Architect Design Manager	Version 4.0.6
Ibm Rational Software Architect Design Manager	Version 4.0.7
Ibm Rational Software Architect Design Manager	Version 5.0.0
Ibm Rational Software Architect Design Manager	Version 5.0.1
Ibm Rational Software Architect Design Manager	Version 5.0.2
Ibm Rational Software Architect Design Manager	Version 6.0.0
Ibm Rational Software Architect Design Manager	Version 6.0.1
Ibm Rational Software Architect Design Manager	Version 6.0.2

Configuration D

14 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Doors Next Generation	Version 4.0.0
Ibm Rational Doors Next Generation	Version 4.0.1
Ibm Rational Doors Next Generation	Version 4.0.2
Ibm Rational Doors Next Generation	Version 4.0.3
Ibm Rational Doors Next Generation	Version 4.0.4
Ibm Rational Doors Next Generation	Version 4.0.5
Ibm Rational Doors Next Generation	Version 4.0.6
Ibm Rational Doors Next Generation	Version 4.0.7
Ibm Rational Doors Next Generation	Version 5.0.0
Ibm Rational Doors Next Generation	Version 5.0.1
Ibm Rational Doors Next Generation	Version 5.0.2
Ibm Rational Doors Next Generation	Version 6.0.0
Ibm Rational Doors Next Generation	Version 6.0.1
Ibm Rational Doors Next Generation	Version 6.0.2

Configuration E

15 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Collaborative Lifecycle Management	Version 3.0.1.6
Ibm Rational Collaborative Lifecycle Management	Version 4.0.0
Ibm Rational Collaborative Lifecycle Management	Version 4.0.1
Ibm Rational Collaborative Lifecycle Management	Version 4.0.2
Ibm Rational Collaborative Lifecycle Management	Version 4.0.3
Ibm Rational Collaborative Lifecycle Management	Version 4.0.4
Ibm Rational Collaborative Lifecycle Management	Version 4.0.5
Ibm Rational Collaborative Lifecycle Management	Version 4.0.6
Ibm Rational Collaborative Lifecycle Management	Version 4.0.7
Ibm Rational Collaborative Lifecycle Management	Version 5.0.0
Ibm Rational Collaborative Lifecycle Management	Version 5.0.1
Ibm Rational Collaborative Lifecycle Management	Version 5.0.2
Ibm Rational Collaborative Lifecycle Management	Version 6.0.0
Ibm Rational Collaborative Lifecycle Management	Version 6.0.1
Ibm Rational Collaborative Lifecycle Management	Version 6.0.2

Configuration F

14 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Engineering Lifecycle Manager	Version 4.0.0
Ibm Rational Engineering Lifecycle Manager	Version 4.0.1
Ibm Rational Engineering Lifecycle Manager	Version 4.0.2
Ibm Rational Engineering Lifecycle Manager	Version 4.0.3
Ibm Rational Engineering Lifecycle Manager	Version 4.0.4
Ibm Rational Engineering Lifecycle Manager	Version 4.0.5
Ibm Rational Engineering Lifecycle Manager	Version 4.0.6
Ibm Rational Engineering Lifecycle Manager	Version 4.0.7
Ibm Rational Engineering Lifecycle Manager	Version 5.0.0
Ibm Rational Engineering Lifecycle Manager	Version 5.0.1
Ibm Rational Engineering Lifecycle Manager	Version 5.0.2
Ibm Rational Engineering Lifecycle Manager	Version 6.0.0
Ibm Rational Engineering Lifecycle Manager	Version 6.0.1
Ibm Rational Engineering Lifecycle Manager	Version 6.0.2

Configuration G

15 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Quality Manager	Version 3.0.1.6
Ibm Rational Quality Manager	Version 4.0.0
Ibm Rational Quality Manager	Version 4.0.1
Ibm Rational Quality Manager	Version 4.0.2
Ibm Rational Quality Manager	Version 4.0.3
Ibm Rational Quality Manager	Version 4.0.4
Ibm Rational Quality Manager	Version 4.0.5
Ibm Rational Quality Manager	Version 4.0.6
Ibm Rational Quality Manager	Version 4.0.7
Ibm Rational Quality Manager	Version 5.0.0
Ibm Rational Quality Manager	Version 5.0.1
Ibm Rational Quality Manager	Version 5.0.2
Ibm Rational Quality Manager	Version 6.0.0
Ibm Rational Quality Manager	Version 6.0.1
Ibm Rational Quality Manager	Version 6.0.2

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21991477

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securityfocus.com/bid/94518

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21991477

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/94518

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.