Vulnerabilites related to IBM - Jazz Team Server
CVE-2021-29865 (GCVE-0-2021-29865)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-17 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 206091.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597505 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/206091 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:18:03.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597505"
},
{
"name": "ibm-jazz-cve202129865-clickjacking (206091)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim\u0027s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 206091."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/UI:R/AV:N/AC:L/S:C/A:N/PR:L/I:L/C:L/RC:C/RL:O/E:U",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:40",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597505"
},
{
"name": "ibm-jazz-cve202129865-clickjacking (206091)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-29865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim\u0027s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 206091."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"UI": "R"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597505",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597505 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597505"
},
{
"name": "ibm-jazz-cve202129865-clickjacking (206091)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-29865",
"datePublished": "2022-06-24T16:15:40.841794Z",
"dateReserved": "2021-03-31T00:00:00",
"dateUpdated": "2024-09-17T02:42:06.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20355 (GCVE-0-2021-20355)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-17 02:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597583 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/194891 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597583"
},
{
"name": "ibm-jazz-cve202120355-info-disc (194891)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/194891"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 3.2,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/I:N/C:L/AV:N/UI:N/S:U/AC:H/A:N/PR:N/RL:O/RC:C/E:U",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:31",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597583"
},
{
"name": "ibm-jazz-cve202120355-info-disc (194891)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/194891"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-20355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "H",
"AV": "N",
"C": "L",
"I": "N",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597583",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597583 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597583"
},
{
"name": "ibm-jazz-cve202120355-info-disc (194891)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/194891"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-20355",
"datePublished": "2022-06-24T16:15:31.741198Z",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-09-17T02:52:23.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20543 (GCVE-0-2021-20543)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-17 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 198929.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597515 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/198929 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597515"
},
{
"name": "ibm-jazz-cve202120543-html-injection (198929)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim\u0027s Web browser within the security context of the hosting site. IBM X-Force ID: 198929."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/S:C/AC:L/A:N/PR:L/AV:N/UI:R/C:L/I:L/E:U/RL:O/RC:C",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:35",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597515"
},
{
"name": "ibm-jazz-cve202120543-html-injection (198929)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-20543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim\u0027s Web browser within the security context of the hosting site. IBM X-Force ID: 198929."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"UI": "R"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597515",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597515 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597515"
},
{
"name": "ibm-jazz-cve202120543-html-injection (198929)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-20543",
"datePublished": "2022-06-24T16:15:35.863427Z",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-09-17T00:10:39.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38871 (GCVE-0-2021-38871)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-17 02:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597503 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/208345 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:51:20.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597503"
},
{
"name": "ibm-jazz-cve202138871-xss (208345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208345"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 5.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/UI:R/AV:N/S:C/AC:L/A:N/PR:L/I:L/C:L/E:H/RL:O/RC:C",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:42",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597503"
},
{
"name": "ibm-jazz-cve202138871-xss (208345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208345"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-38871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597503",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597503 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597503"
},
{
"name": "ibm-jazz-cve202138871-xss (208345)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208345"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-38871",
"datePublished": "2022-06-24T16:15:42.719522Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-17T02:01:29.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39059 (GCVE-0-2021-39059)
Vulnerability from cvelistv5
Published
2022-05-11 16:10
Modified
2024-09-16 23:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6584347 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/214619 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:58:18.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6584347"
},
{
"name": "ibm-jazz-cve202139059-xss (214619)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214619"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 5.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/C:L/AV:N/I:L/PR:L/S:C/AC:L/A:N/UI:R/RC:C/E:H/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T16:10:14",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6584347"
},
{
"name": "ibm-jazz-cve202139059-xss (214619)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214619"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-05-10T00:00:00",
"ID": "CVE-2021-39059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6584347",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6584347 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6584347"
},
{
"name": "ibm-jazz-cve202139059-xss (214619)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214619"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-39059",
"datePublished": "2022-05-11T16:10:14.841926Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-16T23:46:20.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38879 (GCVE-0-2021-38879)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-16 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597501 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/209057 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:51:20.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597501"
},
{
"name": "ibm-jazz-cve202138879-info-disc (209057)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209057"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 3.2,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/C:L/I:N/S:U/AC:H/A:N/PR:N/UI:N/AV:N/E:U/RL:O/RC:C",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:44",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597501"
},
{
"name": "ibm-jazz-cve202138879-info-disc (209057)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209057"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-38879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "H",
"AV": "N",
"C": "L",
"I": "N",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597501",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597501 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597501"
},
{
"name": "ibm-jazz-cve202138879-info-disc (209057)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209057"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-38879",
"datePublished": "2022-06-24T16:15:44.246218Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-16T17:03:52.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20551 (GCVE-0-2021-20551)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-17 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597511 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/199169 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597511"
},
{
"name": "ibm-jazz-cve202120551-info-disc (199169)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199169"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 3.5,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/S:U/A:N/AC:L/PR:N/UI:N/AV:L/C:L/I:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:39",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597511"
},
{
"name": "ibm-jazz-cve202120551-info-disc (199169)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-20551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "L",
"C": "L",
"I": "N",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597511",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597511 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597511"
},
{
"name": "ibm-jazz-cve202120551-info-disc (199169)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-20551",
"datePublished": "2022-06-24T16:15:39.197374Z",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-09-17T03:28:38.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20544 (GCVE-0-2021-20544)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-16 22:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597513 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/198931 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597513"
},
{
"name": "ibm-jazz-cve20212044-ssrf (198931)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198931"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/C:L/I:L/PR:L/A:N/S:U/AC:L/UI:N/AV:N/RC:C/RL:O/E:U",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:37",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597513"
},
{
"name": "ibm-jazz-cve20212044-ssrf (198931)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198931"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-20544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597513",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597513 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597513"
},
{
"name": "ibm-jazz-cve20212044-ssrf (198931)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198931"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-20544",
"datePublished": "2022-06-24T16:15:37.449176Z",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-09-16T22:56:00.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20421 (GCVE-0-2021-20421)
Vulnerability from cvelistv5
Published
2022-06-24 16:15
Modified
2024-09-16 21:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597507 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/196300 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:24.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6597507"
},
{
"name": "ibm-jazz-cve202120421-ssrf (196300)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/C:L/I:L/S:U/AC:L/A:N/PR:L/UI:N/AV:N/E:U/RL:O/RC:C",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T16:15:33",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6597507"
},
{
"name": "ibm-jazz-cve202120421-ssrf (196300)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-06-22T00:00:00",
"ID": "CVE-2021-20421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6597507",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6597507 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6597507"
},
{
"name": "ibm-jazz-cve202120421-ssrf (196300)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-20421",
"datePublished": "2022-06-24T16:15:33.782363Z",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-09-16T21:08:00.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39043 (GCVE-0-2021-39043)
Vulnerability from cvelistv5
Published
2022-05-20 16:20
Modified
2024-09-16 22:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6587797 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/214032 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Team Server |
Version: 6.0.6 Version: 6.0.6.1 Version: 7.0 Version: 7.0.1 Version: 7.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:58:17.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6587797"
},
{
"name": "ibm-jazz-cve202139043-xss (214032)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jazz Team Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "6.0.6.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
}
]
}
],
"datePublic": "2022-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/I:L/A:N/C:L/AC:L/AV:N/S:C/UI:N/PR:L/E:H/RL:O/RC:C",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T16:20:17",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6587797"
},
{
"name": "ibm-jazz-cve202139043-xss (214032)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2022-05-19T00:00:00",
"ID": "CVE-2021-39043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jazz Team Server",
"version": {
"version_data": [
{
"version_value": "6.0.6"
},
{
"version_value": "6.0.6.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"UI": "N"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6587797",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6587797 (Jazz Team Server)",
"url": "https://www.ibm.com/support/pages/node/6587797"
},
{
"name": "ibm-jazz-cve202139043-xss (214032)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2021-39043",
"datePublished": "2022-05-20T16:20:17.548608Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-16T22:03:16.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201803-0148
Vulnerability from variot
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625. Vendors have confirmed this vulnerability IBM X-Force ID: 132625 It is released as.Information may be tampered with. Multiple IBM Products are prone to the following multiple security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerability 3. An access-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0148",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM.",
"sources": [
{
"db": "BID",
"id": "103477"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1602",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-1602",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2017-1602",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1602",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2017-1602",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1602",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-902",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625. Vendors have confirmed this vulnerability IBM X-Force ID: 132625 It is released as.Information may be tampered with. Multiple IBM Products are prone to the following multiple security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerability\n3. An access-bypass vulnerability\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1602"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "BID",
"id": "103477"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1602",
"trust": 2.7
},
{
"db": "BID",
"id": "103477",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003248",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"id": "VAR-201803-0148",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-11-23T22:30:29.402000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2014815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"title": "ibm-rsadm-cve20171602-sec-bypass (132625)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132625"
},
{
"title": "IBM Rational Collaborative Lifecycle Management RSA DM Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79399"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-552",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132625"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/103477"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1602"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1602"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"date": "2018-03-23T19:29:00.277000",
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003248"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-902"
},
{
"date": "2024-11-21T03:22:07.950000",
"db": "NVD",
"id": "CVE-2017-1602"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM RSA DM Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003248"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-902"
}
],
"trust": 0.6
}
}
var-201803-1089
Vulnerability from variot
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970. Vendors have confirmed this vulnerability IBM X-Force ID: 129970 It is released as.Information may be obtained. Multiple IBM Products are prone to the following multiple security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerability 3. An access-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_engineering_lifecycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM.",
"sources": [
{
"db": "BID",
"id": "103477"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1524",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-1524",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-1524",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1524",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2017-1524",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1524",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-903",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970. Vendors have confirmed this vulnerability IBM X-Force ID: 129970 It is released as.Information may be obtained. Multiple IBM Products are prone to the following multiple security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerability\n3. An access-bypass vulnerability\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "BID",
"id": "103477"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1524",
"trust": 2.7
},
{
"db": "BID",
"id": "103477",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003247",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"id": "VAR-201803-1089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-11-23T22:30:29.318000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2014815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"title": "ibm-jazz-cve20171524-info-disc (129970)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129970"
},
{
"title": "IBM Rational Collaborative Lifecycle Management Jazz Foundation Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79400"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/103477"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129970"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1524"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1524"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"date": "2018-03-23T19:29:00.230000",
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003247"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-903"
},
{
"date": "2024-11-21T03:22:01.087000",
"db": "NVD",
"id": "CVE-2017-1524"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003247"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-903"
}
],
"trust": 0.6
}
}
var-202206-1935
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891. Vendors must IBM X-Force ID: 194891 It is published as.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1935",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"cve": "CVE-2021-20355",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-20355",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-20355",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"id": "CVE-2021-20355",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-20355",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20355",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-20355",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2021-20355",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2499",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-20355",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891. Vendors must IBM X-Force ID: 194891 It is published as.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "VULMON",
"id": "CVE-2021-20355"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20355",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014373",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2499",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-20355",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"id": "VAR-202206-1935",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T15:00:55.664000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597583 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597583"
},
{
"title": "IBM Jazz Team Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198514"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/194891"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597583"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20355"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-20355/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/668.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-20355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
},
{
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20355"
},
{
"date": "2023-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2499"
},
{
"date": "2022-06-24T17:15:07.920000",
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20355"
},
{
"date": "2023-09-19T02:10:00",
"db": "JVNDB",
"id": "JVNDB-2022-014373"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2499"
},
{
"date": "2023-08-08T14:22:24.967000",
"db": "NVD",
"id": "CVE-2021-20355"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0 Vulnerability related to improper assignment of permissions to critical resources in servers",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014373"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2499"
}
],
"trust": 0.6
}
}
var-202206-1944
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931. Vendor exploits this vulnerability IBM X-Force ID: 198931 It is published as.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1944",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"cve": "CVE-2021-20544",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-20544",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-20544",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-20544",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-20544",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20544",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-20544",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-20544",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2497",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-20544",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20544"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931. Vendor exploits this vulnerability IBM X-Force ID: 198931 It is published as.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20544"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "VULMON",
"id": "CVE-2021-20544"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20544",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014696",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2497",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-20544",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20544"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"id": "VAR-202206-1944",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T15:27:14.869000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597513 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597513"
},
{
"title": "IBM Jazz Team Server Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198512"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-918",
"trust": 1.0
},
{
"problemtype": "Server-side request forgery (CWE-918) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198931"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597513"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20544"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-20544/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/918.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20544"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-20544"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
},
{
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20544"
},
{
"date": "2023-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2497"
},
{
"date": "2022-06-24T17:15:08.083000",
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20544"
},
{
"date": "2023-09-21T05:14:00",
"db": "JVNDB",
"id": "JVNDB-2022-014696"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2497"
},
{
"date": "2022-06-30T15:08:50.007000",
"db": "NVD",
"id": "CVE-2021-20544"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Server-side request forgery vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014696"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2497"
}
],
"trust": 0.6
}
}
var-202206-1856
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149. Vendor exploits this vulnerability IBM X-Force ID: 199149 It is published as.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1856",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"cve": "CVE-2021-20551",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2021-20551",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2021-20551",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.5,
"id": "CVE-2021-20551",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-20551",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20551",
"trust": 1.0,
"value": "LOW"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-20551",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-20551",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2496",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2021-20551",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20551"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149. Vendor exploits this vulnerability IBM X-Force ID: 199149 It is published as.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20551"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "VULMON",
"id": "CVE-2021-20551"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20551",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014693",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2496",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-20551",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20551"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"id": "VAR-202206-1856",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T15:21:46.492000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597511 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597511"
},
{
"title": "IBM Jazz Team Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198511"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-668",
"trust": 1.0
},
{
"problemtype": "Leakage of resources to the wrong area (CWE-668) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597511"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199169"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20551"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-20551/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/668.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20551"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-20551"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
},
{
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20551"
},
{
"date": "2023-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2496"
},
{
"date": "2022-06-24T17:15:08.133000",
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20551"
},
{
"date": "2023-09-21T05:08:00",
"db": "JVNDB",
"id": "JVNDB-2022-014693"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2496"
},
{
"date": "2022-06-30T13:51:58.557000",
"db": "NVD",
"id": "CVE-2021-20551"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Vulnerability in leaking resources to the wrong area in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014693"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2496"
}
],
"trust": 0.6
}
}
var-202205-1685
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032. Vendor exploits this vulnerability IBM X-Force ID: 214032 It is published as.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1685",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"cve": "CVE-2021-39043",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-39043",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-39043",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.1,
"id": "CVE-2021-39043",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-39043",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-39043",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-39043",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-39043",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3866",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032. Vendor exploits this vulnerability IBM X-Force ID: 214032 It is published as.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-39043"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "VULMON",
"id": "CVE-2021-39043"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-39043",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010989",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3866",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-39043",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-39043"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"id": "VAR-202205-1685",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T14:43:54.394000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6587797 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6587797"
},
{
"title": "IBM Jazz Team Server Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=194520"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214032"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6587797"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39043"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-39043/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-39043"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-39043"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
},
{
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-39043"
},
{
"date": "2023-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"date": "2022-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3866"
},
{
"date": "2022-05-20T17:15:07.687000",
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-39043"
},
{
"date": "2023-08-18T05:30:00",
"db": "JVNDB",
"id": "JVNDB-2022-010989"
},
{
"date": "2022-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3866"
},
{
"date": "2022-05-31T21:06:41.437000",
"db": "NVD",
"id": "CVE-2021-39043"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010989"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3866"
}
],
"trust": 0.6
}
}
var-202110-1505
Vulnerability from variot
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172. Vendors may IBM X-Force ID: 203172 It is published as.Information may be obtained. Provides basic services that enable a set of tools to work together as a single logical server, and include any number of Jazz Team Server Extensions that provide tool-specific functions. An authenticated attacker can use the vulnerability to read these credentials
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1505",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "engineering lifecycle optimization",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "engineering workflow management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "engineering lifecycle optimization",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "engineering workflow management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "engineering lifecycle optimization",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "engineering workflow management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "engineering workflow management",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational collaborative lifecycle management",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "engineering lifecycle optimization",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "jazz team server",
"scope": "gte",
"trust": 0.6,
"vendor": "ibm",
"version": "6.0.2,\u003c=7.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"cve": "CVE-2021-29786",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-29786",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2021-84583",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-29786",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-29786",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-29786",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-29786",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-29786",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-84583",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2006",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172. Vendors may IBM X-Force ID: 203172 It is published as.Information may be obtained. Provides basic services that enable a set of tools to work together as a single logical server, and include any number of Jazz Team Server Extensions that provide tool-specific functions. An authenticated attacker can use the vulnerability to read these credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-29786"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "CNVD",
"id": "CNVD-2021-84583"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-29786",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-84583",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2006",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"id": "VAR-202110-1505",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
}
],
"trust": 0.83809524
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
}
]
},
"last_update_date": "2024-08-14T14:44:14.767000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6508583 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6508583"
},
{
"title": "Patch for IBM Jazz Team Server Information Disclosure Vulnerability (CNVD-2021-84583)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/297101"
},
{
"title": "IBM Jazz Team Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168162"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-312",
"trust": 1.0
},
{
"problemtype": "Plaintext storage of important information (CWE-312) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/203172"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/pages/node/6508583"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29786"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
},
{
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"date": "2022-10-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"date": "2021-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2006"
},
{
"date": "2021-10-27T16:15:07.567000",
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-84583"
},
{
"date": "2022-10-12T02:04:00",
"db": "JVNDB",
"id": "JVNDB-2021-014282"
},
{
"date": "2021-11-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2006"
},
{
"date": "2021-11-01T20:20:51.527000",
"db": "NVD",
"id": "CVE-2021-29786"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Vulnerability in plaintext storage of important information in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014282"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2006"
}
],
"trust": 0.6
}
}
var-201803-0128
Vulnerability from variot
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379. Vendors have confirmed this vulnerability IBM X-Force ID: 133379 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerability 3. An access-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "gt",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0 and 6.0"
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_engineering_lifecycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM.",
"sources": [
{
"db": "BID",
"id": "103477"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1655",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-1655",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2017-1655",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 2.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1655",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2017-1655",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1655",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-900",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379. Vendors have confirmed this vulnerability IBM X-Force ID: 133379 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerability\n3. An access-bypass vulnerability\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1655"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "BID",
"id": "103477"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1655",
"trust": 2.7
},
{
"db": "BID",
"id": "103477",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"id": "VAR-201803-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-11-23T22:30:29.430000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2014815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"title": "ibm-jazz-cve20171655-xss (133379)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133379"
},
{
"title": "IBM Rational Collaborative Lifecycle Management Jazz Foundation Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79397"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133379"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/103477"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1655"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1655"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"date": "2018-03-23T19:29:00.387000",
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003086"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-900"
},
{
"date": "2024-11-21T03:22:10.917000",
"db": "NVD",
"id": "CVE-2017-1655"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003086"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-900"
}
],
"trust": 0.6
}
}
var-202206-2038
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-2038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"cve": "CVE-2021-20421",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-20421",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-20421",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-20421",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-20421",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20421",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-20421",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-20421",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2500",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-20421",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20421"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20421"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "VULMON",
"id": "CVE-2021-20421"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20421",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014372",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2500",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-20421",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20421"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"id": "VAR-202206-2038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T15:06:17.146000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597507 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597507"
},
{
"title": "IBM Jazz Team Server Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198515"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-918",
"trust": 1.0
},
{
"problemtype": "Server-side request forgery (CWE-918) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597507"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196300"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20421"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-20421/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/918.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20421"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-20421"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
},
{
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20421"
},
{
"date": "2023-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2500"
},
{
"date": "2022-06-24T17:15:07.980000",
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20421"
},
{
"date": "2023-09-19T02:06:00",
"db": "JVNDB",
"id": "JVNDB-2022-014372"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2500"
},
{
"date": "2022-06-30T14:01:30.900000",
"db": "NVD",
"id": "CVE-2021-20421"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0 Server-side request forgery vulnerability in servers",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014372"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2500"
}
],
"trust": 0.6
}
}
var-202206-2161
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057. Vendors may IBM X-Force ID: 209057 It is published as.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-2161",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"cve": "CVE-2021-38879",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-38879",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-38879",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"id": "CVE-2021-38879",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-38879",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-38879",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-38879",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2021-38879",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2489",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-38879",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38879"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057. Vendors may IBM X-Force ID: 209057 It is published as.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38879"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "VULMON",
"id": "CVE-2021-38879"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38879",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014688",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2489",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38879",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38879"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"id": "VAR-202206-2161",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T14:31:08.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597501 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597501"
},
{
"title": "IBM Jazz Team Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198508"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597501"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209057"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38879"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-38879/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/668.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38879"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38879"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
},
{
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38879"
},
{
"date": "2023-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2489"
},
{
"date": "2022-06-24T17:15:08.280000",
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38879"
},
{
"date": "2023-09-21T04:59:00",
"db": "JVNDB",
"id": "JVNDB-2022-014688"
},
{
"date": "2022-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2489"
},
{
"date": "2023-08-08T14:22:24.967000",
"db": "NVD",
"id": "CVE-2021-38879"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Vulnerability in improper permission assignment for critical resources in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014688"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2489"
}
],
"trust": 0.6
}
}
var-202206-1978
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345. Vendor exploits this vulnerability IBM X-Force ID: 208345 It is published as.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1978",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"cve": "CVE-2021-38871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-38871",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-38871",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-38871",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-38871",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-38871",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-38871",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2493",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-38871",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38871"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345. Vendor exploits this vulnerability IBM X-Force ID: 208345 It is published as.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38871"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "VULMON",
"id": "CVE-2021-38871"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38871",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014689",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2493",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38871",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38871"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"id": "VAR-202206-1978",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T14:55:24.984000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597503 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597503"
},
{
"title": "IBM Jazz Team Server Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198509"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208345"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597503"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38871"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-38871/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38871"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38871"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
},
{
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38871"
},
{
"date": "2023-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2493"
},
{
"date": "2022-06-24T17:15:08.237000",
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38871"
},
{
"date": "2023-09-21T05:02:00",
"db": "JVNDB",
"id": "JVNDB-2022-014689"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2493"
},
{
"date": "2022-06-30T16:53:56.687000",
"db": "NVD",
"id": "CVE-2021-38871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014689"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2493"
}
],
"trust": 0.6
}
}
var-202206-2325
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 206091. IBM Jazz Team Server Contains a vulnerability regarding improper restrictions on rendered user interface layers or frames. Vendor exploits this vulnerability IBM X-Force ID: 206091 It is published as.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-2325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"cve": "CVE-2021-29865",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CVE-2021-29865",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-29865",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-29865",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-29865",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-29865",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-29865",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2494",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-29865",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29865"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim\u0027s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 206091. IBM Jazz Team Server Contains a vulnerability regarding improper restrictions on rendered user interface layers or frames. Vendor exploits this vulnerability IBM X-Force ID: 206091 It is published as.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-29865"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "VULMON",
"id": "CVE-2021-29865"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-29865",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014691",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2494",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-29865",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29865"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"id": "VAR-202206-2325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T15:42:22.386000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597505 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597505"
},
{
"title": "IBM Jazz Team Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198510"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1021",
"trust": 1.0
},
{
"problemtype": "Improper restrictions on rendered user interface layers or frames (CWE-1021) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206091"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597505"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29865"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-29865/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/1021.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29865"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-29865"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
},
{
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-29865"
},
{
"date": "2023-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2494"
},
{
"date": "2022-06-24T17:15:08.187000",
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-29865"
},
{
"date": "2023-09-21T05:05:00",
"db": "JVNDB",
"id": "JVNDB-2022-014691"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2494"
},
{
"date": "2022-06-30T15:32:48.597000",
"db": "NVD",
"id": "CVE-2021-29865"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Vulnerability in improperly limiting rendered user interface layers or frames in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2494"
}
],
"trust": 0.6
}
}
var-201803-1094
Vulnerability from variot
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133127. Vendors have confirmed this vulnerability IBM X-Force ID: 133127 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerability 3. An access-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1094",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "gt",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0 and 6.0"
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_engineering_lifecycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM.",
"sources": [
{
"db": "BID",
"id": "103477"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1629",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-1629",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2017-1629",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 2.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1629",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2017-1629",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1629",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-901",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133127. Vendors have confirmed this vulnerability IBM X-Force ID: 133127 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerability\n3. An access-bypass vulnerability\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1629"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "BID",
"id": "103477"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1629",
"trust": 2.7
},
{
"db": "BID",
"id": "103477",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003085",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"id": "VAR-201803-1094",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-11-23T22:30:29.346000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2014815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"title": "ibm-jazz-cve20171629-xss (133127)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133127"
},
{
"title": "IBM Rational Collaborative Lifecycle Management Jazz Foundation Cross-site scripting vulnerability Repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79398"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133127"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/103477"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1629"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1629"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"date": "2018-03-23T19:29:00.337000",
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003085"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-901"
},
{
"date": "2024-11-21T03:22:09.597000",
"db": "NVD",
"id": "CVE-2017-1629"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003085"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-901"
}
],
"trust": 0.6
}
}
var-202206-1905
Vulnerability from variot
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 198929. Vendor exploits this vulnerability IBM X-Force ID: 198929 It is published as.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1905",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "6.0.6.1"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"cve": "CVE-2021-20543",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-20543",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-20543",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2021-20543",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20543",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2021-20543",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-20543",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-2498",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-20543",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20543"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim\u0027s Web browser within the security context of the hosting site. IBM X-Force ID: 198929. Vendor exploits this vulnerability IBM X-Force ID: 198929 It is published as.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20543"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "VULMON",
"id": "CVE-2021-20543"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20543",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014698",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2498",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-20543",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20543"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"id": "VAR-202206-1905",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-08-14T15:42:22.818000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6597515 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6597515"
},
{
"title": "IBM Jazz Team Server Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198513"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198929"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6597515"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20543"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-20543/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20543"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-20543"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
},
{
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20543"
},
{
"date": "2023-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2498"
},
{
"date": "2022-06-24T17:15:08.030000",
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20543"
},
{
"date": "2023-09-21T05:19:00",
"db": "JVNDB",
"id": "JVNDB-2022-014698"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-2498"
},
{
"date": "2023-08-08T14:21:49.707000",
"db": "NVD",
"id": "CVE-2021-20543"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0Jazz\u00a0Team\u00a0Server\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014698"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-2498"
}
],
"trust": 0.6
}
}
var-201711-0485
Vulnerability from variot
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852. Vendors have confirmed this vulnerability IBM X-Force ID: 131852 It is released as.Information may be obtained. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. IBM Jazz Team Server affects the following IBM Rational products: Collaborative Lifecycle Management (CLM) Rational DOORS Next Generation (RDNG) Rational Engineering Lifecycle Manager (RELM) Rational Team Concert (RTC) Rational Quality Manager (RQM) Rational Rhapsody Design Manager (Rhapsody DM) Rational Software Architect (RSA DM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0485",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert ifix14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix24",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert ifix15",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational software architect design manager ifix14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational software architect design manager ifix24",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager ifix15",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager ifix14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager ifix24",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager ifix15",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager ifix14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager ifix24",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager ifix15",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation ifix14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix24",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix15",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management ifix14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix24",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix15",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
}
],
"sources": [
{
"db": "BID",
"id": "102020"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_engineering_lifecycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "102020"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1570",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-1570",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-1570",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1570",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1570",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-1083",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852. Vendors have confirmed this vulnerability IBM X-Force ID: 131852 It is released as.Information may be obtained. \nAttackers can exploit this issue to obtain sensitive information that may aid in further attacks. \nIBM Jazz Team Server affects the following IBM Rational products:\nCollaborative Lifecycle Management (CLM)\nRational DOORS Next Generation (RDNG)\nRational Engineering Lifecycle Manager (RELM)\nRational Team Concert (RTC)\nRational Quality Manager (RQM)\nRational Rhapsody Design Manager (Rhapsody DM)\nRational Software Architect (RSA DM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1570"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "BID",
"id": "102020"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1570",
"trust": 2.7
},
{
"db": "BID",
"id": "102020",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010847",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "102020"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"id": "VAR-201711-0485",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-11-23T22:52:19.674000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2010512",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22010512"
},
{
"title": "IBM Rational Collaborative Lifecycle Management Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76757"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010512"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/131852"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/102020"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1570"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1570"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22010512"
}
],
"sources": [
{
"db": "BID",
"id": "102020"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "102020"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "BID",
"id": "102020"
},
{
"date": "2017-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"date": "2017-11-27T21:29:00.503000",
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "102020"
},
{
"date": "2017-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010847"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-1083"
},
{
"date": "2024-11-21T03:22:06.143000",
"db": "NVD",
"id": "CVE-2017-1570"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010847"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-1083"
}
],
"trust": 0.6
}
}
var-201803-1350
Vulnerability from variot
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136006. Vendors have confirmed this vulnerability IBM X-Force ID: 136006 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerability 3. An access-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "gt",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0 and 6.0"
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "jazz team server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational team concert ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational team concert ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational team concert ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational quality manager ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational doors next generation ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management ifix3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "rational collaborative lifecycle management ifix16",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational collaborative lifecycle management ifix25",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_engineering_lifecycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM.",
"sources": [
{
"db": "BID",
"id": "103477"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1762",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-1762",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2017-1762",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 2.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1762",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2017-1762",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1762",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-899",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136006. Vendors have confirmed this vulnerability IBM X-Force ID: 136006 It is released as.Information may be obtained and information may be altered. Multiple IBM Products are prone to the following multiple security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerability\n3. An access-bypass vulnerability\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, gain unauthorized access to the affected application or to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1762"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "BID",
"id": "103477"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1762",
"trust": 2.7
},
{
"db": "BID",
"id": "103477",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003087",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"id": "VAR-201803-1350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-11-23T22:30:29.374000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2014815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"title": "ibm-jazz-cve20171762-xss (136006)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/136006"
},
{
"title": "IBM Rational Collaborative Lifecycle Management Jazz Foundation Cross-site scripting vulnerability Repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79396"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/136006"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/103477"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1762"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1762"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22014815"
}
],
"sources": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"date": "2018-03-23T19:29:00.447000",
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-20T00:00:00",
"db": "BID",
"id": "103477"
},
{
"date": "2018-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003087"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-899"
},
{
"date": "2024-11-21T03:22:19.840000",
"db": "NVD",
"id": "CVE-2017-1762"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Foundation Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003087"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-899"
}
],
"trust": 0.6
}
}