Vulnerabilities > IBM > Rational Doors Next Generation > 4.0.4

DATE CVE VULNERABILITY TITLE RISK
2017-12-27 CVE-2017-1365 Cross-site Scripting vulnerability in IBM products
IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-12-27 CVE-2017-1191 Unspecified vulnerability in IBM products
An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access.
network
low complexity
ibm
4.3
4.3
2017-12-11 CVE-2017-1507 Information Exposure vulnerability in IBM products
IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system.
network
low complexity
ibm CWE-200
4.3
4.3
2017-11-27 CVE-2017-1678 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-11-27 CVE-2017-1593 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-11-27 CVE-2017-1570 Information Exposure vulnerability in IBM products
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces.
network
low complexity
ibm CWE-200
4.3
4.3
2017-11-27 CVE-2017-1560 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-11-27 CVE-2017-1461 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-11-27 CVE-2017-1251 Information Exposure vulnerability in IBM products
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.
network
low complexity
ibm CWE-200
4.3
4.3
2017-11-27 CVE-2017-1240 Information Exposure vulnerability in IBM products
IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses.
network
low complexity
ibm CWE-200
4.3
4.3