Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > 6.0.3

DATE CVE VULNERABILITY TITLE RISK
2017-10-03 CVE-2017-1324 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-10 CVE-2017-1168 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-05 CVE-2016-9700 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces.
network
low complexity
ibm CWE-200
4.3
4.3
2017-06-13 CVE-2017-1099 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions.
network
low complexity
ibm CWE-200
4.3
4.3
2017-06-13 CVE-2016-9973 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-05-15 CVE-2016-9735 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces.
network
low complexity
ibm CWE-200
4.3
4.3
2017-03-31 CVE-2016-9707 XXE vulnerability in IBM products
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data.
network
low complexity
ibm CWE-611
8.1
8.1