IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/132625 | VDB Entry Vendor Advisory |
http://www.ibm.com/support/docview.wss?uid=swg22014815 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/103477 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Information
Published : 2018-03-23 12:29
Updated : 2019-10-09 16:26
NVD link : CVE-2017-1602
Mitre link : CVE-2017-1602
JSON object : View
CWE
CWE-552
Files or Directories Accessible to External Parties
Products Affected
ibm
- rational_collaborative_lifecycle_management
- rational_doors_next_generation
- rational_quality_manager
- rational_rhapsody_design_manager
- rational_software_architect_design_manager
- rational_engineering_lifecycle_manager
- rational_team_concert