CVE-2015-7449

EUVD-2015-7373
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
ibmrational_collaborative_lifecycle_management
4.0.0 ≤
𝑥
≤ 6.0.2
ibmrational_quality_manager
4.0.0 ≤
𝑥
≤ 4.0.7
ibmrational_quality_manager
5.0.0
ibmrational_quality_manager
5.0.1
ibmrational_quality_manager
5.0.2
ibmrational_quality_manager
6.0.0
ibmrational_quality_manager
6.0.1
ibmrational_quality_manager
6.0.2
ibmrational_team_concert
4.0.0 ≤
𝑥
≤ 4.0.7
ibmrational_team_concert
5.0.0
ibmrational_team_concert
5.0.1
ibmrational_team_concert
5.0.2
ibmrational_team_concert
6.0.0
ibmrational_team_concert
6.0.1
ibmrational_team_concert
6.0.2
ibmrational_requirements_composer
4.0.0 ≤
𝑥
≤ 4.0.7
ibmrational_doors_next_generation
4.0.0 ≤
𝑥
≤ 4.0.7
ibmrational_doors_next_generation
5.0.0
ibmrational_doors_next_generation
5.0.1
ibmrational_doors_next_generation
5.0.2
ibmrational_doors_next_generation
6.0.0
ibmrational_doors_next_generation
6.0.1
ibmrational_doors_next_generation
6.0.2
ibmrational_engineering_lifecycle_manager
4.0.3 ≤
𝑥
≤ 4.0.7
ibmrational_engineering_lifecycle_manager
5.0.0
ibmrational_engineering_lifecycle_manager
5.0.1
ibmrational_engineering_lifecycle_manager
5.0.2
ibmrational_engineering_lifecycle_manager
6.0.0
ibmrational_engineering_lifecycle_manager
6.0.1
ibmrational_engineering_lifecycle_manager
6.0.2
ibmrational_rhapsody_design_manager
4.0 ≤
𝑥
≤ 4.0.7
ibmrational_rhapsody_design_manager
5.0.0
ibmrational_rhapsody_design_manager
5.0.1
ibmrational_rhapsody_design_manager
5.0.2
ibmrational_rhapsody_design_manager
6.0.0
ibmrational_rhapsody_design_manager
6.0.1
ibmrational_rhapsody_design_manager
6.0.2
ibmrational_software_architect_design_manager
4.0.0 ≤
𝑥
≤ 4.0.7
ibmrational_software_architect_design_manager
5.0.0
ibmrational_software_architect_design_manager
5.0.1
ibmrational_software_architect_design_manager
5.0.2
ibmrational_software_architect_design_manager
6.0.0
ibmrational_software_architect_design_manager
6.0.1
ibmrational_software_architect_design_manager
6.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21985143
https://exchange.xforce.ibmcloud.com/vulnerabilities/108221
http://www-01.ibm.com/support/docview.wss?uid=swg21985143
https://exchange.xforce.ibmcloud.com/vulnerabilities/108221