Vulnerabilities > IBM > Rational Software Architect Design Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-27 | CVE-2017-1570 | Information Exposure vulnerability in IBM products IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. | 4.3 |
| 2017-11-27 | CVE-2017-1251 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | 4.3 |
| 2017-11-27 | CVE-2017-1240 | Information Exposure vulnerability in IBM products IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. | 4.3 |
| 2017-11-27 | CVE-2016-6024 | Information Exposure vulnerability in IBM products IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. | 4.3 |
| 2017-07-24 | CVE-2017-1245 | Cross-site Scripting vulnerability in IBM Rational Software Architect Design Manager IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9700 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. | 4.3 |
| 2017-06-13 | CVE-2017-1099 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. | 4.3 |
| 2017-06-13 | CVE-2016-9973 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-15 | CVE-2016-9735 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. | 4.3 |
| 2017-03-31 | CVE-2016-9707 | XXE vulnerability in IBM products IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |