Vulnerabilities > IBM > Rational Doors Next Generation > 6.0

DATE CVE VULNERABILITY TITLE RISK
2018-01-16 CVE-2016-0219 XXE vulnerability in IBM products
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data.
network
low complexity
ibm CWE-611
4.0
4.0
2017-12-13 CVE-2017-1546 Cross-site Scripting vulnerability in IBM products
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-12-11 CVE-2017-1507 Information Exposure vulnerability in IBM products
IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system.
network
low complexity
ibm CWE-200
4.0
4.0
2017-11-27 CVE-2017-1689 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-11-27 CVE-2017-1688 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-11-27 CVE-2017-1650 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-11-27 CVE-2017-1607 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-11-27 CVE-2017-1570 Information Exposure vulnerability in IBM products
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces.
network
low complexity
ibm CWE-200
4.0
4.0
2017-11-27 CVE-2017-1251 Information Exposure vulnerability in IBM products
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.
network
low complexity
ibm CWE-200
4.0
4.0
2017-11-27 CVE-2017-1240 Information Exposure vulnerability in IBM products
IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses.
network
low complexity
ibm CWE-200
4.0
4.0