FKIE_CVE-2015-7440
Vulnerability from fkie_nvd - Published: 2018-03-15 22:29 - Updated: 2024-11-21 02:36
Severity ?
Summary
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/108098 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21982747 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/108098 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5103D1D-DC6C-40CE-8092-5102E8F10A6E",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "3.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF02561-E60D-4577-B4AB-D2085B3599F1",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1C422A-3D5F-48B1-BC6E-954D1AFA34F9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D094EE5E-DF84-4922-A612-35CD4DC4D875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7569ED1E-D61E-4F97-825B-2B20A1C03319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748629D9-94EA-4A8C-84D9-16AD00442C05",
"versionEndIncluding": "3.0.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CDEB94-002E-479A-A055-F3FD38D3AE41",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5622F-81FF-4C0C-8A3D-9ACFE30B0ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5C385D-6C5B-4D5E-8628-6D80E8E54403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C054AA-DA70-431C-A410-01671854C0D0",
"versionEndIncluding": "3.0.1.6",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE640E-7342-44B0-8C02-97EE71ECAD91",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B3D3092-A570-45DE-9CD4-72E01787D189",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2431038-D838-4AB0-B614-EDC1D4D203E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA536CF-BF5F-42F1-8F7A-7850E4AC9319",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1738F8-EECC-46C9-AE0C-46E8E4B2AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61CE7D3E-BF02-44DA-ADAE-5CB0E22492AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19611ED3-74F3-4124-A334-09A66A9274A9",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B12D7433-30F0-427F-BF82-0AAD492CE35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9D0C8-2EB2-4209-8495-1B3B823D9A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D29F101-F08E-42A1-B7F2-1BD982F81221",
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654BDE-3134-4653-B472-995B02E9B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9800CBFC-3169-42CA-BB36-22C34F222FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098."
},
{
"lang": "es",
"value": "IBM Rational Collaborative Lifecycle Management (CLM) en versiones 3.0.1 anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1, 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x anteriores a 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x anteriores a 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6 y 4.0.7 anteriores a iFix10, 5.0.x anteriores a 5.0.2 iFix1 y 6.0.x anteriores a 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x anteriores a 4.0.7 iFix10, 5.0.x anteriores a 5.0.2 iFix15 y 6.0.x anteriores a 6.0.1 iFix4 podr\u00edan permitir que los usuarios locales obtengan privilegios mediante vectores sin especificar. IBM X-Force ID: 108098."
}
],
"id": "CVE-2015-7440",
"lastModified": "2024-11-21T02:36:47.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-15T22:29:00.230",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108098"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…