Denial of Service Vulnerability in IBM Jazz Team Server Products
CVE-2017-1700

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Rational Team Concert; Rational Engineering Lifecycle Manager; Rational Software Architect Design Manager; Rational Quality Manager
Vendor: CVE Published:; 24 April 2018

What is CVE-2017-1700?

The vulnerability in IBM Jazz Team Server allows authenticated users to inadvertently trigger a denial of service condition. This flaw arises from inadequate authorization management in resource-intensive scenarios, impacting several Rational products including Collaborative Lifecycle Management and Rational DOORS Next Generation. By exploiting this vulnerability, users can overload system resources, leading to potential unavailability of services.

Affected Version(s)

Rational Collaborative Lifecycle Management 5.0

Rational Collaborative Lifecycle Management 5.0.1

Rational Collaborative Lifecycle Management 5.0.2

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/134392

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg22015635

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2018
Vulnerability Reserved
Nov 30, 2016