PT-2016-5252 · Ibm · Ibm Rational Team Concert+1
Published
2016-07-15
·
Updated
2016-11-28
·
CVE-2016-2865
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Rational Team Concert versions 5.x before 5.0.2 iFix14
IBM Rational Team Concert versions 6.x before 6.0.1 iFix5
Rational Collaborative Lifecycle Management versions 5.x before 5.0.2 iFix14
Rational Collaborative Lifecycle Management versions 6.x before 6.0.1 iFix5
Description
The issue allows remote authenticated users to obtain sensitive information via a malformed request. This is related to the GIT Integration component.
Recommendations
For IBM Rational Team Concert versions 5.x before 5.0.2 iFix14, update to 5.0.2 iFix14 or later.
For IBM Rational Team Concert versions 6.x before 6.0.1 iFix5, update to 6.0.1 iFix5 or later.
For Rational Collaborative Lifecycle Management versions 5.x before 5.0.2 iFix14, update to 5.0.2 iFix14 or later.
For Rational Collaborative Lifecycle Management versions 6.x before 6.0.1 iFix5, update to 6.0.1 iFix5 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Rational Team Concert
Ibm Rational Collaborative Lifecycle Management