CVE-2017-1237

Published: Jul 6, 2018Modified: Nov 21, 2024

5.4

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.3 / Impact: 2.7

Source: NVD

Description

IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.

Affected (15)

Products: Ibm: Rational Collaborative Lifecycle Management, Rational Team Concert, Rational Doors Next Generation, Rational Quality Manager, Rational Rhapsody Design Manager, Rational Software Architect Design Manager, Rational Engineering Lifecycle Manager

Ibm

7 products

Rational Collaborative Lifecycle Management

Rational Team Concert

Rational Doors Next Generation

Rational Quality Manager

Rational Rhapsody Design Manager

Rational Software Architect Design Manager

Rational Engineering Lifecycle Manager

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Collaborative Lifecycle Management	From 6.0.0 to 6.0.5
Ibm Rational Collaborative Lifecycle Management	Version 5.0.1

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Team Concert	From 6.0.0 to 6.0.5
Ibm Rational Team Concert	Version 5.0.1

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Doors Next Generation	From 6.0.0 to 6.0.5
Ibm Rational Doors Next Generation	Version 5.0.1

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Quality Manager	From 6.0.0 to 6.0.5
Ibm Rational Quality Manager	Version 5.0.1

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Rhapsody Design Manager	From 6.0.0 to 6.0.5
Ibm Rational Rhapsody Design Manager	Version 5.0.1

Configuration F

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Software Architect Design Manager	Version 5.0.1
Ibm Rational Software Architect Design Manager	Version 6.0.0
Ibm Rational Software Architect Design Manager	Version 6.0.1