← Back

CVE-2017-1524

nvd nist
Published: Mar 23, 2018Modified: Nov 21, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970.

Affected (32)

Ibm
7 products
Rational Collaborative Lifecycle Management
Rational Quality Manager
Rational Team Concert
Rational Doors Next Generation
Rational Engineering Lifecycle Manager
Rational Rhapsody Design Manager
Rational Software Architect Design Manager
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Rational Collaborative Lifecycle Management
From 4.0.0 to 6.0.5
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Quality Manager
From 4.0.0 to 4.0.7
Rational Quality Manager
From 6.0 to 6.0.5
Rational Quality Manager
Version 5.0.0
Rational Quality Manager
Version 5.0.1
Rational Quality Manager
Version 5.0.2
Configuration C
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Team Concert
From 4.0.0 to 4.0.7
Rational Team Concert
From 6.0.0 to 6.0.5
Rational Team Concert
Version 5.0.0
Rational Team Concert
Version 5.0.1
Rational Team Concert
Version 5.0.2
Configuration D
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Doors Next Generation
From 4.0.1 to 4.0.7
Rational Doors Next Generation
From 6.0.0 to 6.0.5
Rational Doors Next Generation
Version 5.0.0
Rational Doors Next Generation
Version 5.0.1
Rational Doors Next Generation
Version 5.0.2
Configuration E
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Engineering Lifecycle Manager
From 4.0.3 to 4.0.7
Rational Engineering Lifecycle Manager
From 6.0.0 to 6.0.5
Rational Engineering Lifecycle Manager
Version 5.0.0
Rational Engineering Lifecycle Manager
Version 5.0.1
Rational Engineering Lifecycle Manager
Version 5.0.2
Configuration F
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Rhapsody Design Manager
From 4.0 to 4.0.7
Rational Rhapsody Design Manager
From 6.0.0 to 6.0.5
Rational Rhapsody Design Manager
Version 5.0.0
Rational Rhapsody Design Manager
Version 5.0.1
Rational Rhapsody Design Manager
Version 5.0.2
Configuration G
6 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Software Architect Design Manager
From 4.0.0 to 4.0.7
Rational Software Architect Design Manager
Version 5.0.0
Rational Software Architect Design Manager
Version 5.0.1
Rational Software Architect Design Manager
Version 5.0.2
Rational Software Architect Design Manager
Version 6.0.0
Rational Software Architect Design Manager
Version 6.0.1

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

Source: psirt@us.ibm.com
PatchVendor Advisory
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory

Timeline

No history available yet.