CVE-2014-6131

Name of the Vulnerable Software and Affected Versions IBM Rational Jazz Team Server (JTS) versions 3.x through 4.0.7 before iFix4 IBM Rational Jazz Team Server (JTS) versions 5.x before 5.0.2 iFix2 Rational Collaborative Lifecycle Management versions 3.x through 4.0.7 before iFix4 Rational Collaborative Lifecycle Management versions 5.x before 5.0.2 iFix2 Rational Quality Manager versions 2.x through 3.0.1.6 before iFix5 Rational Quality Manager versions 4.x before 4.0.7 iFix4 Rational Quality Manager versions 5.x before 5.0.2 iFix2 Rational Team Concert versions 2.x through 3.0.1.6 before iFix5 Rational Team Concert versions 4.x before 4.0.7 iFix4 Rational Team Concert versions 5.x before 5.0.2 iFix2 Rational DOORS Next Generation versions 4.x before 4.0.7 iFix4 Rational DOORS Next Generation versions 5.x before 5.0.2 iFix2 Rational Requirements Composer versions 2.x through 3.0.1.6 before iFix5

Description The issue allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors.

Recommendations For IBM Rational Jazz Team Server (JTS) versions 3.x through 4.0.7 before iFix4, update to version 4.0.7 iFix4 or later. For IBM Rational Jazz Team Server (JTS) versions 5.x before 5.0.2 iFix2, update to version 5.0.2 iFix2 or later. For Rational Collaborative Lifecycle Management versions 3.x through 4.0.7 before iFix4, update to version 4.0.7 iFix4 or later. For Rational Collaborative Lifecycle Management versions 5.x before 5.0.2 iFix2, update to version 5.0.2 iFix2 or later. For Rational Quality Manager versions 2.x through 3.0.1.6 before iFix5, update to version 3.0.1.6 iFix5 or later. For Rational Quality Manager versions 4.x before 4.0.7 iFix4, update to version 4.0.7 iFix4 or later. For Rational Quality Manager versions 5.x before 5.0.2 iFix2, update to version 5.0.2 iFix2 or later. For Rational Team Concert versions 2.x through 3.0.1.6 before iFix5, update to version 3.0.1.6 iFix5 or later. For Rational Team Concert versions 4.x before 4.0.7 iFix4, update to version 4.0.7 iFix4 or later. For Rational Team Concert versions 5.x before 5.0.2 iFix2, update to version 5.0.2 iFix2 or later. For Rational DOORS Next Generation versions 4.x before 4.0.7 iFix4, update to version 4.0.7 iFix4 or later. For Rational DOORS Next Generation versions 5.x before 5.0.2 iFix2, update to version 5.0.2 iFix2 or later. For Rational Requirements Composer versions 2.x through 3.0.1.6 before iFix5, update to version 3.0.1.6 iFix5 or later.