Vulnerabilities > IBM > Rational Requirements Composer > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-23 CVE-2016-6055 Cross-site Scripting vulnerability in IBM products
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-15 CVE-2016-6060 Information Exposure vulnerability in IBM products
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names.
network
low complexity
ibm CWE-200
4.3
2017-02-08 CVE-2017-1128 Cross-site Scripting vulnerability in IBM products
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2017-1127 Cross-site Scripting vulnerability in IBM products
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2016-9748 Information Exposure vulnerability in IBM products
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
network
low complexity
ibm CWE-200
4.3
2016-01-03 CVE-2015-1971 Unspecified vulnerability in IBM products
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0; and Rational Software Architect Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote attackers to cause a denial of service via unknown vectors.
low complexity
ibm
4.3
2016-01-02 CVE-2015-1928 Improper Input Validation vulnerability in IBM products
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
network
low complexity
ibm CWE-20
6.8