Vulnerabilities > IBM > Jazz Reporting Service > 5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-17 | CVE-2015-7470 | Information Exposure vulnerability in IBM Jazz Reporting Service Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors, as demonstrated by login information. | 7.5 |
| 2016-01-17 | CVE-2015-7469 | Permissions, Privileges, and Access Controls vulnerability in IBM Jazz Reporting Service Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended read-only restrictions by leveraging a JazzGuest role. | 4.3 |
| 2016-01-17 | CVE-2015-7468 | Permissions, Privileges, and Access Controls vulnerability in IBM Jazz Reporting Service Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended restrictions on administrator tasks via unspecified vectors. | 4.3 |
| 2016-01-17 | CVE-2015-7467 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |