Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
10 vulnerabilities found for Rational DOORS Next Generation by IBM Corporation
CVE-2016-6055 (GCVE-0-2016-6055)
Vulnerability from nvd – Published: 2017-02-23 16:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 6.0.3 |
Date Public ?
2017-02-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:19.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-02-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-23T15:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995515",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6055",
"datePublished": "2017-02-23T16:00:00.000Z",
"dateReserved": "2016-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:22:19.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6060 (GCVE-0-2016-6060)
Vulnerability from nvd – Published: 2017-02-15 19:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 6.0.3 |
Date Public ?
2017-02-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-02-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-15T18:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995547",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6060",
"datePublished": "2017-02-15T19:00:00.000Z",
"dateReserved": "2016-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:22:20.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1128 (GCVE-0-2017-1128)
Vulnerability from nvd – Published: 2017-02-08 19:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 |
Date Public ?
2017-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96017"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996645",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1128",
"datePublished": "2017-02-08T19:00:00.000Z",
"dateReserved": "2016-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:25:17.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1127 (GCVE-0-2017-1127)
Vulnerability from nvd – Published: 2017-02-08 19:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 |
Date Public ?
2017-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96019",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96019",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96019"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996645",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1127",
"datePublished": "2017-02-08T19:00:00.000Z",
"dateReserved": "2016-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:25:17.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9748 (GCVE-0-2016-9748)
Vulnerability from nvd – Published: 2017-02-08 19:00 – Updated: 2024-08-06 02:59
VLAI?
Summary
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 |
Date Public ?
2017-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21991461",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96074"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9748",
"datePublished": "2017-02-08T19:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:03.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6055 (GCVE-0-2016-6055)
Vulnerability from cvelistv5 – Published: 2017-02-23 16:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 6.0.3 |
Date Public ?
2017-02-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:19.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-02-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-23T15:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995515",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995515"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6055",
"datePublished": "2017-02-23T16:00:00.000Z",
"dateReserved": "2016-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:22:19.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6060 (GCVE-0-2016-6060)
Vulnerability from cvelistv5 – Published: 2017-02-15 19:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 6.0.3 |
Date Public ?
2017-02-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"datePublic": "2017-02-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-15T18:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995547",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995547"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6060",
"datePublished": "2017-02-15T19:00:00.000Z",
"dateReserved": "2016-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:22:20.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9748 (GCVE-0-2016-9748)
Vulnerability from cvelistv5 – Published: 2017-02-08 19:00 – Updated: 2024-08-06 02:59
VLAI?
Summary
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 |
Date Public ?
2017-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96074"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21991461",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21991461"
},
{
"name": "96074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96074"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9748",
"datePublished": "2017-02-08T19:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:03.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1128 (GCVE-0-2017-1128)
Vulnerability from cvelistv5 – Published: 2017-02-08 19:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 |
Date Public ?
2017-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96017",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96017",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96017"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996645",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1128",
"datePublished": "2017-02-08T19:00:00.000Z",
"dateReserved": "2016-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:25:17.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1127 (GCVE-0-2017-1127)
Vulnerability from cvelistv5 – Published: 2017-02-08 19:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Rational DOORS Next Generation |
Affected:
4.0.1
Affected: 4.0.5 Affected: 5.0.2 Affected: 4.0.2 Affected: 4.0.3 Affected: 4.0.4 Affected: 4.0.6 Affected: 4.0.7 Affected: 5.0 Affected: 5.0.1 Affected: 6.0 Affected: 6.0.1 Affected: 6.0.2 |
Date Public ?
2017-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96019",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.5"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.4"
},
{
"status": "affected",
"version": "4.0.6"
},
{
"status": "affected",
"version": "4.0.7"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
}
]
}
],
"datePublic": "2017-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96019",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational DOORS Next Generation",
"version": {
"version_data": [
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.5"
},
{
"version_value": "5.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.6"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0"
},
{
"version_value": "5.0.1"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96019"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996645",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996645"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1127",
"datePublished": "2017-02-08T19:00:00.000Z",
"dateReserved": "2016-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:25:17.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}