Vulnerabilities > IBM > Rational Team Concert > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-15 CVE-2020-4989 Exposure of Resource to Wrong Sphere vulnerability in IBM Rational Team Concert
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions.
network
low complexity
ibm CWE-668
4.3
2022-01-11 CVE-2021-29701 Unspecified vulnerability in IBM products
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system.
network
low complexity
ibm
4.3
2021-10-27 CVE-2021-29673 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-10-27 CVE-2021-29713 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-10-27 CVE-2021-29786 Cleartext Storage of Sensitive Information vulnerability in IBM products
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
6.5
2021-07-28 CVE-2020-4974 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF).
network
low complexity
ibm CWE-918
6.3
2021-07-28 CVE-2020-5004 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-19 CVE-2020-5031 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-19 CVE-2021-20507 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2021-20519 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4