PT-2016-3588 · IBM · IBM Rational Team Concert +7

Published: 2016-01-02 · Updated: 2016-12-07 · CVE-2015-1928

CVSS v2.0: 3.5 (Low)

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

IBM Rational Collaborative Lifecycle Management (CLM) versions 3.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.x through 6.0.0 IF3
Rational Quality Manager (RQM) versions 3.x through 3.0.1.5 IF6 and 4.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.0 through 6.0.0 IF3
Rational Team Concert (RTC) versions 3.x through 3.0.1.5 IF6 and 4.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.0 through 6.0.0 IF3
Rational Requirements Composer (RRC) versions 3.x through 3.0.1.5 IF6 and 4.x through 4.0.7 IF8
Rational DOORS Next Generation (RDNG) versions 4.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.0 through 6.0.0 IF3
Rational Engineering Lifecycle Manager (RELM) versions 4.0.3 through 4.0.7 and 5.0 through 5.0.2 and 6.0.0
Rational Rhapsody Design Manager (DM) versions 4.0 through 4.0.7 and 5.0 through 5.0.2 and 6.0.0
Rational Software Architect Design Manager (DM) versions 4.0 through 4.0.7 and 5.0 through 5.0.2 and 6.0.0

Description

The issue allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

Recommendations

For IBM Rational Collaborative Lifecycle Management (CLM) versions 3.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.x through 6.0.0 IF3, update to version 4.0.7 IF9, 5.0.2 IF11, or 6.0.0 IF4 or later.
For Rational Quality Manager (RQM) versions 3.x through 3.0.1.5 IF6 and 4.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.0 through 6.0.0 IF3, update to version 3.0.1.6 IF7, 4.0.7 IF9, 5.0.2 IF11, or 6.0.0 IF4 or later.
For Rational Team Concert (RTC) versions 3.x through 3.0.1.5 IF6 and 4.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.0 through 6.0.0 IF3, update to version 3.0.1.6 IF7, 4.0.7 IF9, 5.0.2 IF11, or 6.0.0 IF4 or later.
For Rational Requirements Composer (RRC) versions 3.x through 3.0.1.5 IF6 and 4.x through 4.0.7 IF8, update to version 3.0.1.6 IF7 or 4.0.7 IF9 or later.
For Rational DOORS Next Generation (RDNG) versions 4.x through 4.0.7 IF8 and 5.x through 5.0.2 IF10 and 6.0 through 6.0.0 IF3, update to version 4.0.7 IF9, 5.0.2 IF11, or 6.0.0 IF4 or later.
For Rational Engineering Lifecycle Manager (RELM) versions 4.0.3 through 4.0.7 and 5.0 through 5.0.2 and 6.0.0, update to a version outside of the specified ranges.
For Rational Rhapsody Design Manager (DM) versions 4.0 through 4.0.7 and 5.0 through 5.0.2 and 6.0.0, update to a version outside of the specified ranges.
For Rational Software Architect Design Manager (DM) versions 4.0 through 4.0.7 and 5.0 through 5.0.2 and 6.0.0, update to a version outside of the specified ranges.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2015-1928

Affected Products

IBM Rational Collaborative Lifecycle Management
IBM Rational DOORS Next Generation
IBM Rational Engineering Lifecycle Manager
IBM Rational Quality Manager
IBM Rational Requirements Composer
Rational Rhapsody Design Manager
IBM Rational Software Architect Design Manager
IBM Rational Team Concert