Cross-Site Scripting Vulnerability in IBM Rational Software Architect and Rhapsody Design Manager
CVE-2018-1585

5.4MEDIUM

Key Information:

Vendor

IBM
Status
Rational Software Architect Design Manager
Rational Rhapsody Design Manager
Vendor
CVE Published:
19 July 2018

What is CVE-2018-1585?

A cross-site scripting vulnerability exists in IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager. This flaw allows malicious users to inject arbitrary JavaScript code into the web user interface, potentially altering its intended functionality and risking credential exposure during trusted sessions. Proper sanitization and user input validation measures should be implemented to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Rational Rhapsody Design Manager 5.0

Rational Rhapsody Design Manager 5.0.2

Rational Rhapsody Design Manager 5.0.1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/143498
vdb-entryx_refsource_XF
http://www.ibm.com/support/docview.wss?uid=ibm10716029
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.