Vulnerabilities > IBM > Rational Collaborative Lifecycle Management > 6.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-20 | CVE-2015-7449 | Inadequate Encryption Strength vulnerability in IBM products IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. | 3.3 |
| 2018-01-26 | CVE-2017-1653 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-27 | CVE-2017-1365 | Cross-site Scripting vulnerability in IBM products IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-27 | CVE-2017-1191 | Unspecified vulnerability in IBM products An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. | 4.3 |
| 2017-10-25 | CVE-2017-1363 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Team Concert (RTC) is vulnerable to cross-site scripting. | 5.4 |
| 2017-10-25 | CVE-2017-1295 | Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. | 4.3 |
| 2017-10-25 | CVE-2017-1241 | Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management An unspecified vulnerability in IBM Jazz Foundation based applications might allow the display of stack trace information to an attacker. | 4.3 |
| 2017-10-25 | CVE-2017-1169 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM DOORS next Generation (DNG/RRC) is vulnerable to cross-site scripting. | 5.4 |
| 2017-10-25 | CVE-2017-1164 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-22 | CVE-2016-9747 | Cross-site Scripting vulnerability in IBM products IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |