PT-2016-5252 · Ibm · Ibm Rational Team Concert+1
Publicado
2016-07-15
·
Atualizado
2016-11-28
·
CVE-2016-2865
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Rational Team Concert versions 5.x before 5.0.2 iFix14
IBM Rational Team Concert versions 6.x before 6.0.1 iFix5
Rational Collaborative Lifecycle Management versions 5.x before 5.0.2 iFix14
Rational Collaborative Lifecycle Management versions 6.x before 6.0.1 iFix5
Description
The issue allows remote authenticated users to obtain sensitive information via a malformed request. This is related to the GIT Integration component.
Recommendations
For IBM Rational Team Concert versions 5.x before 5.0.2 iFix14, update to 5.0.2 iFix14 or later.
For IBM Rational Team Concert versions 6.x before 6.0.1 iFix5, update to 6.0.1 iFix5 or later.
For Rational Collaborative Lifecycle Management versions 5.x before 5.0.2 iFix14, update to 5.0.2 iFix14 or later.
For Rational Collaborative Lifecycle Management versions 6.x before 6.0.1 iFix5, update to 6.0.1 iFix5 or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Rational Team Concert
Ibm Rational Collaborative Lifecycle Management