CVE-2015-0121

Currently unrated

Key Information:

Vendor
IBM
Status
Rational Requirements Composer
Vendor
CVE Published:
30 May 2015

Summary

IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21903761
x_refsource_CONFIRM
http://www.securityfocus.com/bid/74910
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.