← Back

CVE-2018-1423

nvd nist
Published: Jul 10, 2018Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

Affected (13)

Ibm
7 products
Rational Collaborative Lifecycle Management
Rational Team Concert
Rational Doors Next Generation
Rational Quality Manager
Rational Rhapsody Design Manager
Rational Software Architect Design Manager
Rational Engineering Lifecycle Manager
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Rational Collaborative Lifecycle Management
From 5.0 to 6.0.5
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Team Concert
From 5.0 to 5.0.2
Rational Team Concert
From 6.0.0 to 6.0.5
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Doors Next Generation
From 5.0 to 5.0.2
Rational Doors Next Generation
From 6.0.0 to 6.0.5
Configuration D
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Quality Manager
From 5.0 to 5.0.2
Rational Quality Manager
From 6.0.0 to 6.0.5
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Rhapsody Design Manager
From 5.0 to 5.0.2
Rational Rhapsody Design Manager
From 6.0.0 to 6.0.5
Configuration F
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Software Architect Design Manager
From 5.0 to 5.0.2
Rational Software Architect Design Manager
From 6.0 to 6.0.1
Configuration G
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Rational Engineering Lifecycle Manager
From 5.0 to 5.0.2
Rational Engineering Lifecycle Manager
From 6.0.0 to 6.0.5

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.