Vulnerabilities > IBM > Rational Collaborative Lifecycle Management > 6.0.2

DATE	CVE	VULNERABILITY TITLE	RISK
2017-06-13	CVE-2017-1099	Information Exposure vulnerability in IBM products IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. network low complexity ibm CWE-200	4.0
2017-06-13	CVE-2016-9973	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2017-05-15	CVE-2016-9735	Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. network low complexity ibm CWE-200	4.0
2017-03-31	CVE-2016-9707	XXE vulnerability in IBM products IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. network low complexity ibm CWE-611	7.5
2017-03-20	CVE-2016-2981	Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. local low complexity ibm CWE-200	2.1
2017-02-15	CVE-2016-8968	Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management 6.0.0/6.0.1/6.0.2 IBM Jazz Foundation is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2017-02-08	CVE-2016-6032	Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2017-02-08	CVE-2016-2866	Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user. network low complexity ibm CWE-200	4.0
2017-02-01	CVE-2016-6061	Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2017-02-01	CVE-2016-6040	Session Fixation vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. network ibm CWE-384	6.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.