← Back

CVE-2017-1602

nvd nist
Published: Mar 23, 2018Modified: Nov 21, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.

Affected (32)

Ibm
7 products
Rational Collaborative Lifecycle Management
Rational Quality Manager
Rational Team Concert
Rational Doors Next Generation
Rational Engineering Lifecycle Manager
Rational Rhapsody Design Manager
Rational Software Architect Design Manager
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Rational Collaborative Lifecycle Management
From 4.0.0 to 6.0.5
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Quality Manager
From 4.0.0 to 4.0.7
Rational Quality Manager
From 6.0.0 to 6.0.5
Rational Quality Manager
Version 5.0.0
Rational Quality Manager
Version 5.0.1
Rational Quality Manager
Version 5.0.2
Configuration C
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Team Concert
From 4.0.0 to 4.0.7
Rational Team Concert
From 6.0.0 to 6.0.5
Rational Team Concert
Version 5.0.0
Rational Team Concert
Version 5.0.1
Rational Team Concert
Version 5.0.2
Configuration D
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Doors Next Generation
From 4.0.1 to 4.0.7
Rational Doors Next Generation
From 6.0.0 to 6.0.5
Rational Doors Next Generation
Version 5.0.0
Rational Doors Next Generation
Version 5.0.1
Rational Doors Next Generation
Version 5.0.2
Configuration E
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Engineering Lifecycle Manager
From 4.0.3 to 4.0.7
Rational Engineering Lifecycle Manager
From 6.0.0 to 6.0.5
Rational Engineering Lifecycle Manager
Version 5.0.0
Rational Engineering Lifecycle Manager
Version 5.0.1
Rational Engineering Lifecycle Manager
Version 5.0.2
Configuration F
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Rhapsody Design Manager
From 4.0 to 4.0.7
Rational Rhapsody Design Manager
From 6.0.0 to 6.0.5
Rational Rhapsody Design Manager
Version 5.0.0
Rational Rhapsody Design Manager
Version 5.0.1
Rational Rhapsody Design Manager
Version 5.0.2
Configuration G
6 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Software Architect Design Manager
From 4.0.0 to 4.0.7
Rational Software Architect Design Manager
Version 5.0.0
Rational Software Architect Design Manager
Version 5.0.1
Rational Software Architect Design Manager
Version 5.0.2
Rational Software Architect Design Manager
Version 6.0.0
Rational Software Architect Design Manager
Version 6.0.1

Related CWEs

CWE-552
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.

References (6)

Source: psirt@us.ibm.com
PatchVendor Advisory
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory

Timeline

No history available yet.