CVE-2017-1734

EUVD-2017-10750
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
ibmrational_collaborative_lifecycle_management
5.0 <
𝑥
≤ 6.0.5
ibmrational_doors_next_generation
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_doors_next_generation
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_engineering_lifecycle_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_engineering_lifecycle_manager
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_quality_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_quality_manager
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_rhapsody_design_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_rhapsody_design_manager
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_software_architect_design_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_software_architect_design_manager
6.0 ≤
𝑥
≤ 6.0.1
ibmrational_team_concert
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_team_concert
6.0 ≤
𝑥
≤ 6.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg22015635
https://exchange.xforce.ibmcloud.com/vulnerabilities/134915
http://www.ibm.com/support/docview.wss?uid=swg22015635
https://exchange.xforce.ibmcloud.com/vulnerabilities/134915