Ibm Rational Quality Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Rational Quality Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2016-0326 — CVSS 8.8 (high): IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x…
CVE-2020-4495 — CVSS 8.8 (high): IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access…
CVE-2017-1103 — CVSS 8.1 (high): IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML…
CVE-2016-9707 — CVSS 8.1 (high): IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data…
CVE-2015-7440 — CVSS 7.8 (high): IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before…
CVE-2019-4252 — CVSS 7.5 (high): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An…
CVE-2020-4965 — CVSS 7.5 (high): IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2015-1928 — CVSS 6.8 (medium): Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2…
CVE-2016-0219 — CVSS 6.5 (medium): XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0…
CVE-2020-4732 — CVSS 6.5 (medium): IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security…
CVE-2017-1700 — CVSS 6.5 (medium): IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next…
CVE-2021-20371 — CVSS 6.5 (medium): IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is…
CVE-2017-1738 — CVSS 6.3 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnerability that would allow an…
CVE-2020-4974 — CVSS 6.3 (medium): IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send…
CVE-2015-7453 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1…
CVE-2018-1694 — CVSS 5.9 (medium): IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next…
CVE-2014-6129 — CVSS 5.5 (medium): IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before…
CVE-2021-38934 — CVSS 5.4 (medium): IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2018-1823 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1824 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1825 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1826 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1827 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1828 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1829 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1892 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1893 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1916 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This…
CVE-2018-1952 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This…
CVE-2019-4083 — CVSS 5.4 (medium): IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting…
CVE-2019-4249 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2019-4250 — CVSS 5.4 (medium): IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting…
CVE-2019-4602 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2019-4748 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4445 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4522 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4524 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4546 — CVSS 5.4 (medium): IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4547 — CVSS 5.4 (medium): IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a…
CVE-2020-4691 — CVSS 5.4 (medium): IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4697 — CVSS 5.4 (medium): IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4733 — CVSS 5.4 (medium): IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4855 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4856 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2020-4857 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2020-4863 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2020-4865 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-4866 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2020-4920 — CVSS 5.4 (medium): IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2020-4975 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2020-4977 — CVSS 5.4 (medium): IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users to embed…
CVE-2020-5004 — CVSS 5.4 (medium): IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-5030 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-20338 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-20340 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2021-20343 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20345 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20346 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20347 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20348 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated…
CVE-2021-20350 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2021-20351 — CVSS 5.4 (medium): IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2021-20357 — CVSS 5.4 (medium): IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20519 — CVSS 5.4 (medium): IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-29668 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2021-29670 — CVSS 5.4 (medium): IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-0273 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11…
CVE-2016-0284 — CVSS 5.4 (medium): The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18…
CVE-2016-2864 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11…
CVE-2016-2926 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2…
CVE-2016-2986 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality…
CVE-2016-3014 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2…
CVE-2016-6022 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-6031 — CVSS 5.4 (medium): IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-6035 — CVSS 5.4 (medium): IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2016-6036 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2016-9973 — CVSS 5.4 (medium): IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2017-1100 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1101 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1102 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1104 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1237 — CVSS 5.4 (medium): IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2017-1238 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2017-1242 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code…
CVE-2017-1248 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code…
CVE-2017-1250 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1275 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1277 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1280 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1281 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1293 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1294 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1299 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1306 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1312 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1313 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1314 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1315 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1316 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1317 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1329 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code…
CVE-2017-1365 — CVSS 5.4 (medium): IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting…
CVE-2017-1561 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1562 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1564 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1565 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1568 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1592 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1608 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1609 — CVSS 5.4 (medium): IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2017-1621 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1629 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1649 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2017-1651 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1652 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1653 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1655 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1690 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1691 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1715 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1717 — CVSS 5.4 (medium): IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to…
CVE-2017-1729 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2017-1753 — CVSS 5.4 (medium): Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed…
CVE-2017-1762 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1791 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2017-1792 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2017-1793 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1394 — CVSS 5.4 (medium): Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2018-1395 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1396 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1403 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1404 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1405 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1439 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1440 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1522 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1523 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1549 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker…
CVE-2018-1557 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1558 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This…
CVE-2018-1601 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1602 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1603 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1604 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1605 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1688 — CVSS 5.4 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. This…
CVE-2018-1691 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1692 — CVSS 5.4 (medium): IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows…
CVE-2018-1758 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1759 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1760 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1762 — CVSS 5.4 (medium): IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This…
CVE-2018-1763 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2018-1764 — CVSS 5.4 (medium): IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2010-4094 — CVSS 5.0 (medium): The Tomcat server in IBM Rational Quality Manager and Rational Test Lab Manager has a default password for the ADMIN account, which makes…
CVE-2014-3092 — CVSS 5.0 (medium): IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x…
CVE-2015-0113 — CVSS 5.0 (medium): The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and…
CVE-2015-7471 — CVSS 4.8 (medium): Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1…
CVE-2016-6037 — CVSS 4.8 (medium): IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a…
CVE-2019-4601 — CVSS 4.3 (medium): IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to obtain sensitive information from a stack trace that…
CVE-2018-1734 — CVSS 4.3 (medium): IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a…
CVE-2018-1492 — CVSS 4.3 (medium): IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to…
CVE-2015-1971 — CVSS 4.3 (medium): Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x…
CVE-2016-9735 — CVSS 4.3 (medium): IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,
CVE-2017-1524 — CVSS 4.3 (medium): IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive…
CVE-2017-1099 — CVSS 4.3 (medium): IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force…
CVE-2017-1734 — CVSS 4.3 (medium): IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next…
CVE-2017-1191 — CVSS 4.3 (medium): An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with…
CVE-2019-4084 — CVSS 4.3 (medium): IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to…
CVE-2017-1239 — CVSS 4.3 (medium): IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM…
CVE-2017-1240 — CVSS 4.3 (medium): IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.
CVE-2017-1570 — CVSS 4.3 (medium): IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852.
CVE-2020-4544 — CVSS 4.3 (medium): IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is…
CVE-2017-1602 — CVSS 4.3 (medium): IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they…
CVE-2017-1251 — CVSS 4.3 (medium): An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM…
CVE-2018-1606 — CVSS 4.3 (medium): IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS…
CVE-2019-4603 — CVSS 4.3 (medium): IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them…
CVE-2020-4964 — CVSS 4.3 (medium): IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message…
CVE-2018-1423 — CVSS 4.3 (medium): IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks…
CVE-2020-4487 — CVSS 4.3 (medium): IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is…
CVE-2016-2987 — CVSS 4.3 (medium): An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.
CVE-2017-1725 — CVSS 4.3 (medium): IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next…
CVE-2016-6024 — CVSS 4.3 (medium): IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force…
CVE-2017-1507 — CVSS 4.3 (medium): IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system. IBM…
CVE-2017-1509 — CVSS 4.3 (medium): IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid…
CVE-2016-9700 — CVSS 4.3 (medium): IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID…
CVE-2014-6131 — CVSS 4.0 (medium): IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before…
CVE-2015-0112 — CVSS 4.0 (medium): Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before…
CVE-2016-0372 — CVSS 3.7 (low): IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before…
CVE-2017-1488 — CVSS 3.7 (low): An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.
CVE-2013-5404 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before…
CVE-2015-0124 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x…
CVE-2014-6144 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3…
CVE-2015-0129 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 allows remote…
CVE-2015-0128 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x…
CVE-2015-0130 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM)…
CVE-2015-4962 — CVSS 3.5 (low): Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2…
CVE-2014-4801 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7…
CVE-2015-7449 — CVSS 3.3 (low): IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and…
CVE-2015-4946 — CVSS 3.3 (low): Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before…