VAR-201803-0128
Vulnerability from variot - Updated: 2023-12-18 12:19IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379. Vendors have confirmed this vulnerability IBM X-Force ID: 133379 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerability 3. An access-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "gt",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0 and 6.0"
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.1",
"versionStartExcluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM.",
"sources": [
{
"db": "BID",
"id": "103477"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1655",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-1655",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-1655",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-1655",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2017-1655",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-900",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379. Vendors have confirmed this vulnerability IBM X-Force ID: 133379 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerability\n3. An access-bypass vulnerability\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "BID",
"id": "103477"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1655",
"trust": 2.7
},
{
"db": "BID",
"id": "103477",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"id": "VAR-201803-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2023-12-18T12:19:01.519000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2014815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"title": "ibm-jazz-cve20171655-xss (133379)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133379"
},
{
"title": "IBM Rational Collaborative Lifecycle Management Jazz Foundation Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79397"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/103477"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133379"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1655"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1655"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"date": "2018-03-23T19:29:00.387000",
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"date": "2019-10-09T23:26:24.333000",
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…