Ibm Rational Engineering Lifecycle Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Rational Engineering Lifecycle Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (141)
CVE-2020-4495 — CVSS 8.8 (high): IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access…
CVE-2021-29844 — CVSS 8.8 (high): IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send…
CVE-2016-9707 — CVSS 8.1 (high): IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data…
CVE-2015-7440 — CVSS 7.8 (high): IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before…
CVE-2019-4252 — CVSS 7.5 (high): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An…
CVE-2020-4965 — CVSS 7.5 (high): IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2021-29774 — CVSS 7.5 (high): IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID…
CVE-2018-1846 — CVSS 7.1 (high): IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE)…
CVE-2018-1588 — CVSS 7.1 (high): IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6) is vulnerable to a XML External…
CVE-2018-1607 — CVSS 7.1 (high): IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to a XML External Entity Injection (XXE)…
CVE-2021-20502 — CVSS 7.1 (high): IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker…
CVE-2015-1928 — CVSS 6.8 (medium): Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2…
CVE-2021-29786 — CVSS 6.5 (medium): IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.
CVE-2021-20371 — CVSS 6.5 (medium): IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is…
CVE-2017-1700 — CVSS 6.5 (medium): IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next…
CVE-2020-4732 — CVSS 6.5 (medium): IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security…
CVE-2016-0219 — CVSS 6.5 (medium): XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0…
CVE-2020-4974 — CVSS 6.3 (medium): IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send…
CVE-2015-7453 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1…
CVE-2014-3037 — CVSS 6.0 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Configuration Management Application (aka VVC) in IBM Rational Engineering Lifecycle…
CVE-2018-1608 — CVSS 5.9 (medium): IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an…
CVE-2018-1694 — CVSS 5.9 (medium): IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next…
CVE-2021-20357 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2015-7474 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim…
CVE-2015-7485 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before…
CVE-2015-7486 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before…
CVE-2016-0273 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11…
CVE-2016-0284 — CVSS 5.4 (medium): The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18…
CVE-2016-2864 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11…
CVE-2016-2926 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2…
CVE-2016-2986 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality…
CVE-2016-3014 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2…
CVE-2016-9747 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2016-9973 — CVSS 5.4 (medium): IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2017-1168 — CVSS 5.4 (medium): IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to…
CVE-2017-1237 — CVSS 5.4 (medium): IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2019-4083 — CVSS 5.4 (medium): IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting…
CVE-2019-4249 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2019-4250 — CVSS 5.4 (medium): IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting…
CVE-2020-4445 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4522 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4524 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4546 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4547 — CVSS 5.4 (medium): IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a…
CVE-2020-4691 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4697 — CVSS 5.4 (medium): IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4733 — CVSS 5.4 (medium): IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4855 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4865 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4920 — CVSS 5.4 (medium): IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2020-4977 — CVSS 5.4 (medium): IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users to embed…
CVE-2020-5004 — CVSS 5.4 (medium): IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-5030 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-5031 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-20338 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-20343 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20345 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20346 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20347 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20348 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20352 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20447 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20503 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20504 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20506 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20507 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-20518 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20519 — CVSS 5.4 (medium): IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20520 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-29668 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-29670 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-29673 — CVSS 5.4 (medium): IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-29713 — CVSS 5.4 (medium): IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2017-1324 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1334 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1335 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1359 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1364 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1365 — CVSS 5.4 (medium): IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting…
CVE-2017-1369 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1429 — CVSS 5.4 (medium): IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2017-1629 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1653 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1655 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1753 — CVSS 5.4 (medium): Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed…
CVE-2017-1762 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2018-1394 — CVSS 5.4 (medium): Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2018-1539 — CVSS 5.4 (medium): IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 could allow remote attackers to bypass authentication via…
CVE-2018-1558 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This…
CVE-2018-1560 — CVSS 5.4 (medium): IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability…
CVE-2018-1659 — CVSS 5.4 (medium): IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability…
CVE-2018-1688 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. This…
CVE-2018-1758 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1760 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1762 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This…
CVE-2018-1826 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1827 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1828 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1892 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1893 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1910 — CVSS 5.4 (medium): IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to…
CVE-2018-1914 — CVSS 5.4 (medium): IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to…
CVE-2018-1916 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This…
CVE-2018-1952 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This…
CVE-2014-3092 — CVSS 5.0 (medium): IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x…
CVE-2015-0113 — CVSS 5.0 (medium): The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and…
CVE-2015-7471 — CVSS 4.8 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1…
CVE-2018-1734 — CVSS 4.3 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a…
CVE-2020-4487 — CVSS 4.3 (medium): IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is…
CVE-2015-1971 — CVSS 4.3 (medium): Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x…
CVE-2017-1251 — CVSS 4.3 (medium): An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM…
CVE-2016-6024 — CVSS 4.3 (medium): IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force…
CVE-2018-1929 — CVSS 4.3 (medium): IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could allow a malicious user to be allowed to view any view if he knows the…
CVE-2015-7484 — CVSS 4.3 (medium): IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated…
CVE-2017-1099 — CVSS 4.3 (medium): IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force…
CVE-2018-1606 — CVSS 4.3 (medium): IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS…
CVE-2016-9735 — CVSS 4.3 (medium): IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,
CVE-2016-9700 — CVSS 4.3 (medium): IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID…
CVE-2019-4084 — CVSS 4.3 (medium): IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to…
CVE-2017-1240 — CVSS 4.3 (medium): IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.
CVE-2017-1507 — CVSS 4.3 (medium): IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system. IBM…
CVE-2017-1509 — CVSS 4.3 (medium): IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid…
CVE-2017-1524 — CVSS 4.3 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive…
CVE-2017-1570 — CVSS 4.3 (medium): IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852.
CVE-2017-1602 — CVSS 4.3 (medium): IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they…
CVE-2016-2987 — CVSS 4.3 (medium): An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.
CVE-2020-4964 — CVSS 4.3 (medium): IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message…
CVE-2020-4544 — CVSS 4.3 (medium): IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is…
CVE-2017-1191 — CVSS 4.3 (medium): An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with…
CVE-2017-1725 — CVSS 4.3 (medium): IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next…
CVE-2017-1734 — CVSS 4.3 (medium): IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next…
CVE-2018-1423 — CVSS 4.3 (medium): IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks…
CVE-2018-1492 — CVSS 4.3 (medium): IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to…
CVE-2015-0112 — CVSS 4.0 (medium): Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before…
CVE-2016-0372 — CVSS 3.7 (low): IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before…
CVE-2017-1488 — CVSS 3.7 (low): An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.
CVE-2015-4962 — CVSS 3.5 (low): Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2…
CVE-2015-4946 — CVSS 3.3 (low): Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before…
CVE-2015-7449 — CVSS 3.3 (low): IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and…
CVE-2017-1559 — CVSS 3.1 (low): Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID…
CVE-2016-2947 — CVSS 2.7 (low): IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational…