Denial of Service Vulnerability in IBM Jazz Team Server Products
CVE-2017-1700

6.5MEDIUM

Key Information:

Vendor
IBM
Status
Rational Team Concert
Rational Engineering Lifecycle Manager
Rational Software Architect Design Manager
Rational Quality Manager
Vendor
CVE Published:
24 April 2018

Summary

The vulnerability in IBM Jazz Team Server allows authenticated users to inadvertently trigger a denial of service condition. This flaw arises from inadequate authorization management in resource-intensive scenarios, impacting several Rational products including Collaborative Lifecycle Management and Rational DOORS Next Generation. By exploiting this vulnerability, users can overload system resources, leading to potential unavailability of services.

Affected Version(s)

Rational Collaborative Lifecycle Management 5.0

Rational Collaborative Lifecycle Management 5.0.1

Rational Collaborative Lifecycle Management 5.0.2

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/134392
vdb-entryx_refsource_XF
http://www.ibm.com/support/docview.wss?uid=swg22015635
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.