| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-9698 | 7.5 |
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or cons
|
14-06-2017 - 14:05 | 08-06-2017 - 21:29 | |
| CVE-2016-8973 | 4.0 |
IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an authenticated user to upload infected malicious files to the server. IBM Reference #: 1999960.
|
23-03-2017 - 13:20 | 20-03-2017 - 16:59 | |
| CVE-2016-9696 | 3.5 |
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Reference #:
|
23-03-2017 - 13:19 | 20-03-2017 - 16:59 | |
| CVE-2016-9697 | 2.1 |
An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed between the server and the browser. IBM Reference #: 19
|
23-03-2017 - 13:19 | 20-03-2017 - 16:59 | |
| CVE-2016-9694 | 3.5 |
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a
|
23-03-2017 - 13:19 | 20-03-2017 - 16:59 |