CVE-2019-4252

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the s

7.5HIGH

CVE-2019-4250

>= 6.0 and <= 6.0.1

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scr

5.4MEDIUM

CVE-2019-4249

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2019-4084

>= 6.0 and <= 6.0.1

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated us

4.3MEDIUM

CVE-2019-4083

>= 6.0 and <= 6.0.1

IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scr

5.4MEDIUM

CVE-2018-1893

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1892

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1828

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1827

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1826

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1760

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1758

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo

5.4MEDIUM

CVE-2018-1734

>= 6.0 and <= 6.0.1

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be

4.3MEDIUM

CVE-2018-1952

>= 5.0 and <= 6.0.1

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vul

5.4MEDIUM

CVE-2018-1916

>= 5.0 and <= 6.0.1

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vul

5.4MEDIUM

CVE-2018-1688

>= 5.0 and <= 6.0.1

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. Thi

5.4MEDIUM

CVE-2018-1762

>= 5.0.0 and <= 5.0.2

IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Th

5.4MEDIUM

CVE-2018-1694

>= 5.0.0 and <= 5.0.2

IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS

5.9MEDIUM

CVE-2018-1606

>= 5.0.0 and <= 5.0.2

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational

4.3MEDIUM

CVE-2018-1558

>= 5.0 and <= 5.0.2

IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Thi

5.4MEDIUM

CVE-2018-1394

>= 5.0.0 and <= 5.0.2

Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri

5.4MEDIUM

CVE-2017-1753

>= 5.0.0 and <= 5.0.2

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when vi

5.4MEDIUM

CVE-2018-1587

>= 5.0 and <= 5.0.2

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.

4.3MEDIUM

CVE-2018-1585

>= 5.0 and <= 5.0.2

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.

5.4MEDIUM

CVE-2018-1536

>= 5.0 and <= 5.0.2

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.

5.4MEDIUM

CVE-2018-1535

>= 5.0 and <= 5.0.2

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.

5.4MEDIUM

CVE-2018-1492

>= 5.0 and <= 5.0.2

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's f

4.3MEDIUM

CVE-2018-1423

>= 5.0 and <= 5.0.2

IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attac

4.3MEDIUM

CVE-2017-1559

all versions

Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Forc

3.1LOW

CVE-2017-1509

all versions

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be us

4.3MEDIUM

CVE-2017-1488

all versions

An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.

3.7LOW

CVE-2017-1237

all versions

IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript

5.4MEDIUM

CVE-2018-1456

all versions

IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity Injection (XXE) attack when process

7.1HIGH

CVE-2017-1734

>= 5.0 and <= 5.0.2

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next

4.3MEDIUM

CVE-2017-1725

>= 5.0 and <= 5.0.2

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next

4.3MEDIUM

CVE-2017-1700

>= 5.0 and <= 5.0.2

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next

6.5MEDIUM

CVE-2017-1762

>= 4.0 and <= 4.0.7

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln

5.4MEDIUM

CVE-2017-1655

>= 4.0 and <= 4.0.7

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln

5.4MEDIUM

CVE-2017-1629

>= 4.0 and <= 4.0.7

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln

5.4MEDIUM

CVE-2017-1602

>= 4.0.0 and <= 4.0.7

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that

4.3MEDIUM

CVE-2017-1524

>= 4.0.0 and <= 4.0.7

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sens

4.3MEDIUM

CVE-2015-7449

>= 4.0.0 and <= 4.0.7

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFi

3.3LOW

CVE-2015-7471

>= 4.0 and <= 4.0.7

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Inter

4.8MEDIUM

CVE-2015-7453

>= 4.0 and <= 4.0.7

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Inter

6.1MEDIUM

CVE-2015-7440

>= 4.0 and <= 4.0.7

IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x b

7.8HIGH

CVE-2017-1653

all versions

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerabil

5.4MEDIUM

CVE-2016-0219

all versions

XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix

6.5MEDIUM

CVE-2017-1365

>= 4.0.0 and <= 4.0.7

IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site sc

5.4MEDIUM

CVE-2017-1191

>= 4.0.0 and <= 4.0.7

An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) wit

4.3MEDIUM

CVE-2017-1507

all versions

IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the sys

4.3MEDIUM

CVE-2017-1570

all versions

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID:

4.3MEDIUM

CVE-2017-1251

all versions

An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacke

4.3MEDIUM

CVE-2017-1240

all versions

IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.

4.3MEDIUM

CVE-2016-6024

all versions

IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM

4.3MEDIUM

CVE-2017-1245

all versions

IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users

5.4MEDIUM

CVE-2016-9700

all versions

IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-F

4.3MEDIUM

CVE-2017-1099

all versions

IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IB

4.3MEDIUM

CVE-2016-9973

all versions

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t

5.4MEDIUM

CVE-2016-9735

all versions

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

4.3MEDIUM

CVE-2016-9707

all versions

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing X

8.1HIGH

CVE-2016-2987

all versions

An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacke

4.3MEDIUM

CVE-2016-3014

all versions

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before

5.4MEDIUM

CVE-2016-2926

all versions

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.

5.4MEDIUM

CVE-2016-2947

all versions

IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rati

2.7LOW

CVE-2016-2864

all versions

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7

5.4MEDIUM

CVE-2016-0372

all versions

IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be

3.7LOW

CVE-2016-0284

all versions

The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2

5.4MEDIUM

CVE-2016-0273

all versions

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7

5.4MEDIUM

CVE-2015-4962

all versions

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x bef

3.5LOW

CVE-2015-4946

all versions

Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x

3.3LOW

CVE-2015-1971

all versions

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and

4.3MEDIUM

CVE-2015-1928

all versions

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x bef

6.8MEDIUM

CVE-2015-0112

all versions

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x

CVE-2015-0113

all versions

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.

CVE-2014-3092

all versions

IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3,

CVE-2014-3037

<= 4.0.6

Cross-site request forgery (CSRF) vulnerability in IBM Configuration Management Application (aka VVC) in IBM Rational Engineering

CVE-2014-0948

all versions

Unspecified vulnerability in IBM Rational Software Architect Design Manager and Rational Rhapsody Design Manager 3.x and 4.x befor

CVE-2014-0947

all versions

Unspecified vulnerability in the server in IBM Rational Software Architect Design Manager 4.0.6 allows remote authenticated users

CVE-2013-5459

all versions

Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through

CVE-2013-3043

all versions

Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x

CVE-2013-3042

all versions

Directory traversal vulnerability in the server in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x