Vulnerabilities > IBM > Rational Requirements Composer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-04 | CVE-2014-0846 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-03-04 | CVE-2014-0845 | Improper Input Validation vulnerability in IBM products Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | 4.9 |
2014-03-04 | CVE-2014-0844 | Information Disclosure vulnerability in IBM products Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors. network ibm | 3.5 |
2013-12-10 | CVE-2013-5404 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element. | 3.5 |
2013-09-12 | CVE-2013-3039 | Improper Authentication vulnerability in IBM Rational Requirements Composer IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors. | 5.4 |
2013-09-12 | CVE-2013-3038 | Credentials Management vulnerability in IBM Rational Requirements Composer Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors. | 5.4 |
2013-09-12 | CVE-2013-3037 | Permissions, Privileges, and Access Controls vulnerability in IBM Rational Requirements Composer Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors. | 4.4 |
2013-09-12 | CVE-2013-3036 | Improper Input Validation vulnerability in IBM Rational Requirements Composer Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | 4.9 |