Description

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915.

Remediation

References

CVE-2017-1734

Related Vulnerabilities

WordPress Plugin Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61)

WordPress Plugin MailUp newsletter sign-up form Security Bypass (1.3.2)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7846)

MediaWiki CVE-2017-0371 Vulnerability (CVE-2017-0371)

OpenSSL Use of Insufficiently Random Values Vulnerability (CVE-2019-1549)

Severity

Medium

Classification

CVE-2017-1734 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities