CVE-2017-1734

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
ibmrational_collaborative_lifecycle_management
5.0 <
𝑥
≤ 6.0.5
ibmrational_doors_next_generation
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_doors_next_generation
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_engineering_lifecycle_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_engineering_lifecycle_manager
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_quality_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_quality_manager
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_rhapsody_design_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_rhapsody_design_manager
6.0 ≤
𝑥
≤ 6.0.5
ibmrational_software_architect_design_manager
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_software_architect_design_manager
6.0 ≤
𝑥
≤ 6.0.1
ibmrational_team_concert
5.0 ≤
𝑥
≤ 5.0.2
ibmrational_team_concert
6.0 ≤
𝑥
≤ 6.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg22015635
https://exchange.xforce.ibmcloud.com/vulnerabilities/134915
http://www.ibm.com/support/docview.wss?uid=swg22015635
https://exchange.xforce.ibmcloud.com/vulnerabilities/134915