PT-2016-5311 · Ibm · Ibm Rational Doors Next Generation+5
Vishal Garg
·
Publicado
2016-11-25
·
Atualizado
2016-11-28
·
CVE-2016-2986
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Rational Collaborative Lifecycle Management versions 6.0.0 through 6.0.1 before iFix6
IBM Rational Quality Manager versions 6.0.0 through 6.0.1 before iFix6
IBM Rational Team Concert versions 6.0.0 through 6.0.1 before iFix6
IBM Rational DOORS Next Generation versions 6.0.0 through 6.0.1 before iFix6
IBM Rational Engineering Lifecycle Manager versions 6.0.0 through 6.0.1 before iFix6
IBM Rational Rhapsody Design Manager versions 6.0.0 through 6.0.1 before iFix6
Description
A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For IBM Rational Collaborative Lifecycle Management versions 6.0.0 through 6.0.1 before iFix6, update to version 6.0.1 iFix6.
For IBM Rational Quality Manager versions 6.0.0 through 6.0.1 before iFix6, update to version 6.0.1 iFix6.
For IBM Rational Team Concert versions 6.0.0 through 6.0.1 before iFix6, update to version 6.0.1 iFix6.
For IBM Rational DOORS Next Generation versions 6.0.0 through 6.0.1 before iFix6, update to version 6.0.1 iFix6.
For IBM Rational Engineering Lifecycle Manager versions 6.0.0 through 6.0.1 before iFix6, update to version 6.0.1 iFix6.
For IBM Rational Rhapsody Design Manager versions 6.0.0 through 6.0.1 before iFix6, update to version 6.0.1 iFix6.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Rational Collaborative Lifecycle Management
Ibm Rational Doors Next Generation
Ibm Rational Engineering Lifecycle Manager
Ibm Rational Quality Manager
Rational Rhapsody Design Manager
Ibm Rational Team Concert