CVE-2017-1734

{"id": "CVE-2017-1734", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2018-04-24T14:29:00.373", "references": [{"url": "http://www.ibm.com/support/docview.wss?uid=swg22015635", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134915", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915."}, {"lang": "es", "value": "IBM Jazz Team Server afecta a los siguientes productos IBM Rational: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) y Rational Software Architect (RSA DM) almacenan informaci\u00f3n potencialmente sensible en una cach\u00e9 que podr\u00eda ser le\u00edda por usuarios autenticados. IBM X-Force ID: 134915."}], "lastModified": "2018-06-05T18:06:11.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50F8C5C0-7688-42E8-862B-3CB138274858", "versionEndIncluding": "6.0.5", "versionStartExcluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E64000F3-395D-4826-92DD-DB2489470462", "versionEndIncluding": "5.0.2", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE15C4BA-1322-4EF3-83D3-F78B9D37E81C", "versionEndIncluding": "6.0.5", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F767CA4-A024-44A4-A987-17057E1A6245", "versionEndIncluding": "5.0.2", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B398352-76E1-4727-B34C-620F26CBD5BF", "versionEndIncluding": "6.0.5", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "886BE49D-114F-4BF7-BE5C-2EEFA44CAFD6", "versionEndIncluding": "5.0.2", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_quality_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1428CCDC-D542-4983-B035-66FC28E5FF6A", "versionEndIncluding": "6.0.5", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B07DA35D-2527-4DE8-97F1-9FC1C48255EE", "versionEndIncluding": "5.0.2", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2601D1-4D55-4B4A-9CED-CF736270E63F", "versionEndIncluding": "6.0.5", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1113669B-B338-4ABD-9A34-B57880020C84", "versionEndIncluding": "5.0.2", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A237ED01-A834-46B3-9396-6BA0EFF2B27A", "versionEndIncluding": "6.0.1", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A559F0D7-DFB9-4CBB-8F64-EE7FE1B4DFE5", "versionEndIncluding": "5.0.2", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:ibm:rational_team_concert:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8934D3C7-2C1C-4BE0-B3F5-320364879DC3", "versionEndIncluding": "6.0.5", "versionStartIncluding": "6.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}