CVE-2015-7449

Name of the Vulnerable Software and Affected Versions IBM Rational Collaborative Lifecycle Management (CLM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2 Rational Quality Manager (RQM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2 Rational Team Concert (RTC) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2 Rational Requirements Composer (RRC) versions 4.0.x through 4.0.7 before iFix10 Rational DOORS Next Generation (RDNG) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2 Rational Engineering Lifecycle Manager (RELM) versions 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x through 5.0.2 before iFix1, and 6.0.x through 6.0.2 Rational Rhapsody Design Manager (Rhapsody DM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2 Rational Software Architect Design Manager (RSA DM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2

Description The issue allows local users to obtain sensitive information by leveraging weak encryption.

Recommendations For IBM Rational Collaborative Lifecycle Management (CLM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2, update to a version with the respective iFix applied. For Rational Quality Manager (RQM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2, update to a version with the respective iFix applied. For Rational Team Concert (RTC) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2, update to a version with the respective iFix applied. For Rational Requirements Composer (RRC) versions 4.0.x through 4.0.7 before iFix10, update to a version with iFix10 applied. For Rational DOORS Next Generation (RDNG) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2, update to a version with the respective iFix applied. For Rational Engineering Lifecycle Manager (RELM) versions 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x through 5.0.2 before iFix1, and 6.0.x through 6.0.2, update to a version with the respective iFix applied. For Rational Rhapsody Design Manager (Rhapsody DM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2, update to a version with the respective iFix applied. For Rational Software Architect Design Manager (RSA DM) versions 4.0.x through 4.0.7 before iFix10, 5.0.x through 5.0.2 before iFix15, 6.0.x through 6.0.1 before iFix5, and 6.0.2 before iFix2, update to a version with the respective iFix applied.