Vulnerabilities > IBM > Rational Collaborative Lifecycle Management

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2016-9973 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-05-15 CVE-2016-9735 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces.
network
low complexity
ibm CWE-200
4.3
2017-03-31 CVE-2016-9707 XXE vulnerability in IBM products
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data.
network
low complexity
ibm CWE-611
8.1
2017-03-20 CVE-2016-2981 Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management
An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials.
low complexity
ibm CWE-200
6.8
2017-02-15 CVE-2016-8968 Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management 6.0.0/6.0.1/6.0.2
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2016-6032 Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management
IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2016-2866 Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management
An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user.
network
low complexity
ibm CWE-200
4.3
2017-02-01 CVE-2016-6061 Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-01 CVE-2016-6040 Session Fixation vulnerability in IBM Rational Collaborative Lifecycle Management
IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced.
network
high complexity
ibm CWE-384
5.0
2017-02-01 CVE-2016-6030 Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4