Skip to main content

Rational Requirements Composer

32 CVEs product

Monthly

CVE-2018-1529 MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2017-1546 MEDIUM This Month

IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-1338 MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1278 MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-1276 MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1247 MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-6055 MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-6060 MEDIUM PATCH This Month

An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2017-1128 MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-1127 MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-9748 MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2015-4962 LOW Monitor

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM). Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Rational Rhapsody Design Manager Rational Quality Manager Rational Requirements Composer +5
NVD
CVSS 3.0
3.5
EPSS
0.1%
CVE-2015-4946 LOW Monitor

Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1;. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Rational Quality Manager Rational Requirements Composer Rational Engineering Lifecycle Manager +5
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2015-1971 MEDIUM This Month

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Rational Quality Manager Rational Engineering Lifecycle Manager Rational Team Concert +5
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2015-1928 MEDIUM This Month

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Rational Quality Manager Rational Rhapsody Design Manager Rational Requirements Composer +5
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2015-0130 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Doors Next Generation Rational Team Concert Rational Collaborative Lifecycle Management +2
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0112 MEDIUM PATCH This Month

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1,. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Rational Requirements Composer Rhapsody Design Manager Rational Team Concert +5
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2015-0121 LOW Monitor

IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with. Rated low severity (CVSS 3.7). No vendor patch available.

IBM Information Disclosure Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 2.0
3.7
EPSS
0.2%
CVE-2015-0113 MEDIUM PATCH This Month

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Software Architect Design Manager Rational Team Concert Rational Rhapsody Design Manager +5
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0132 HIGH PATCH This Week

The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Denial Of Service Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2015-0125 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-6131 MEDIUM PATCH This Month

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation Rational Requirements Composer Rational Collaborative Lifecycle Management +2
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-6129 MEDIUM PATCH This Month

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Rational Quality Manager Rational Requirements Composer Rational Doors Next Generation +2
NVD
CVSS 2.0
5.5
EPSS
0.3%
CVE-2014-3092 MEDIUM PATCH This Month

IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation Rational Engineering Lifecycle Manager Rational Quality Manager +4
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-0846 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Rational Doors Next Generation Rational Requirements Composer
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-0845 MEDIUM This Month

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-0844 LOW Monitor

Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-5404 LOW Monitor

Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Rational Quality Manager Rational Requirements Composer Rational Team Concert
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-3039 MEDIUM This Month

IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors. Rated medium severity (CVSS 5.4). No vendor patch available.

IBM Authentication Bypass Rational Requirements Composer
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2013-3038 MEDIUM This Month

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors. Rated medium severity (CVSS 5.4). No vendor patch available.

IBM Authentication Bypass Rational Requirements Composer
NVD
CVSS 2.0
5.4
EPSS
0.2%
CVE-2013-3037 MEDIUM This Month

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation IBM Rational Requirements Composer
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-3036 MEDIUM This Month

Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Rational Requirements Composer
NVD
CVSS 2.0
4.9
EPSS
0.1%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Requirements Composer +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM). Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Rational Rhapsody Design Manager +7
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1;. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Rational Quality Manager +7
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Rational Quality Manager +7
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Rational Quality Manager +7
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Doors Next Generation +4
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1,. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Rational Requirements Composer +7
NVD
EPSS 0% CVSS 3.7
LOW Monitor

IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with. Rated low severity (CVSS 3.7). No vendor patch available.

IBM Information Disclosure Rational Requirements Composer +1
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Software Architect Design Manager +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Denial Of Service Rational Requirements Composer +1
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Requirements Composer +1
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Rational Quality Manager +4
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Doors Next Generation +6
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Rational Doors Next Generation +1
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Rational Requirements Composer +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Rational Requirements Composer +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Rational Quality Manager +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors. Rated medium severity (CVSS 5.4). No vendor patch available.

IBM Authentication Bypass Rational Requirements Composer
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors. Rated medium severity (CVSS 5.4). No vendor patch available.

IBM Authentication Bypass Rational Requirements Composer
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation IBM Rational Requirements Composer
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Rational Requirements Composer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy