CVE-2017-1602

Name of the Vulnerable Software and Affected Versions: IBM RSA DM (IBM Rational Collaborative Lifecycle Management) versions 5.0 through 6.0

Description: The issue allows an authenticated user to access settings they should not have access to by using a specially crafted URL.

Recommendations: For versions 5.0 through 6.0, consider restricting access to sensitive settings until a fix is available. As a temporary workaround, monitor user activity and URL requests to detect and prevent unauthorized access to restricted settings. At the moment, there is no information about a newer version that contains a fix for this issue.