Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
History
21 Nov 2024, 02:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21973200 - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1034565 - | |
References | () http://www.securitytracker.com/id/1034566 - | |
References | () http://www.securitytracker.com/id/1034567 - | |
References | () http://www.securitytracker.com/id/1034568 - |
Information
Published : 2016-01-02 21:59
Updated : 2024-11-21 02:26
NVD link : CVE-2015-1928
Mitre link : CVE-2015-1928
CVE.ORG link : CVE-2015-1928
JSON object : View
Products Affected
ibm
- rational_doors_next_generation
- rational_rhapsody_design_manager
- rational_collaborative_lifecycle_management
- rational_team_concert
- rational_engineering_lifecycle_manager
- rational_quality_manager
- rational_requirements_composer
- rational_software_architect_design_manager
CWE
CWE-20
Improper Input Validation