6.8

CVE-2015-1928

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmRational Quality Manager Version2.0
IbmRational Quality Manager Version2.0.1
IbmRational Quality Manager Version3.0
IbmRational Quality Manager Version3.0.1
IbmRational Quality Manager Version3.0.1.1
IbmRational Quality Manager Version3.0.1.2
IbmRational Quality Manager Version3.0.1.3
IbmRational Quality Manager Version3.0.1.4
IbmRational Quality Manager Version3.0.1.5
IbmRational Quality Manager Version3.0.1.6
IbmRational Quality Manager Version4.0
IbmRational Quality Manager Version4.0.0.1
IbmRational Quality Manager Version4.0.0.2
IbmRational Quality Manager Version4.0.1
IbmRational Quality Manager Version4.0.2
IbmRational Quality Manager Version4.0.3
IbmRational Quality Manager Version4.0.4
IbmRational Quality Manager Version4.0.5
IbmRational Quality Manager Version4.0.6
IbmRational Quality Manager Version4.0.7
IbmRational Quality Manager Version5.0
IbmRational Quality Manager Version5.0.1
IbmRational Quality Manager Version5.0.2
IbmRational Requirements Composer Version2.0.0.1
IbmRational Requirements Composer Version2.0.0.2
IbmRational Requirements Composer Version2.0.0.3
IbmRational Requirements Composer Version2.0.0.4
IbmRational Requirements Composer Version3.0.1.1
IbmRational Requirements Composer Version3.0.1.2
IbmRational Requirements Composer Version3.0.1.3
IbmRational Requirements Composer Version3.0.1.4
IbmRational Requirements Composer Version3.0.1.5
IbmRational Requirements Composer Version3.0.1.6
IbmRational Requirements Composer Version4.0.0.1
IbmRational Requirements Composer Version4.0.0.2
IbmRational Team Concert Version2.0
IbmRational Team Concert Version2.0.0.1
IbmRational Team Concert Version2.0.0.2
IbmRational Team Concert Version3.0
IbmRational Team Concert Version3.0.1
IbmRational Team Concert Version3.0.1.1
IbmRational Team Concert Version3.0.1.2
IbmRational Team Concert Version3.0.1.3
IbmRational Team Concert Version3.0.1.4
IbmRational Team Concert Version3.0.1.5
IbmRational Team Concert Version3.0.1.6
IbmRational Team Concert Version4.0
IbmRational Team Concert Version4.0.0.1
IbmRational Team Concert Version4.0.0.2
IbmRational Team Concert Version4.0.1
IbmRational Team Concert Version4.0.2
IbmRational Team Concert Version4.0.3
IbmRational Team Concert Version4.0.4
IbmRational Team Concert Version4.0.5
IbmRational Team Concert Version4.0.6
IbmRational Team Concert Version4.0.7
IbmRational Team Concert Version5.0
IbmRational Team Concert Version5.0.1
IbmRational Team Concert Version5.0.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.3% 0.531
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 2.3 4
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.