Information Disclosure Vulnerability in IBM Rational Products
CVE-2017-1559

3.1LOW

Key Information:

Vendor: IBM
Status: Rational Rhapsody Design Manager; Rational Software Architect Design Manager; Rational Team Concert; Rational Collaborative Lifecycle Management
Vendor: CVE Published:; 6 July 2018

Summary

Multiple IBM Rational products are susceptible to an information disclosure vulnerability that can be exploited by attackers. By intercepting certain requests, an attacker may access sensitive information. This vulnerability highlights the importance of securing communication channels and implementing effective monitoring and logging to detect potential exploits.

Affected Version(s)

Rational Collaborative Lifecycle Management 6.0

Rational Collaborative Lifecycle Management 6.0.1

Rational Collaborative Lifecycle Management 6.0.2

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/131758

vdb-entryx_refsource_XF

https://www-prd-trops.events.ibm.com/node/715709

x_refsource_CONFIRM

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 6, 2018
Vulnerability Reserved
Nov 30, 2016