fkie_cve-2016-0284
Vulnerability from fkie_nvd
Published
2016-11-24 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5 allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC3B8F6-F9D7-454C-B7A2-732B6708AF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EED534E3-80EF-40AF-927A-20D59DA7B045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4BC069-34DB-4B2F-BD6C-494BEEEF65AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3E975D-3D7B-4DE3-B961-BA6D38329563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "543CFD7E-E204-436E-A88E-212A368F7AB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FA0B68-62BE-45B5-A359-1F922BEA587C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3010A6F8-A2C7-4236-B5F8-21BC6581B823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9D6232-16BC-4985-97BE-9AEA8E30FB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96CFA6A6-19E4-4325-BCDF-5AFA8A366196",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71F5759B-9D36-46DA-8F1B-CF7899AC7E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2500F56F-C615-4836-9F6E-44985F898E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBEB328-08B8-41ED-8D80-748948CB2BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF686B93-3DE2-4A4D-BA6F-10CA9AFCFA73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "380BB05E-6ADE-4A45-897D-9AA16E3408D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB1D69-FFD1-49DB-9775-B11F21E200F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC4C9D2-6799-44B5-AEF4-47DD3CC012FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F871EF36-B640-42B3-AC50-DFD707E53953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E52984F5-4372-4D13-95B1-51F4DB19D425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_quality_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED82318-CB9F-4EC4-BABF-1F473B3AA799",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F32526-C148-4FCE-B32B-88A8F2BB3A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749C6DAF-EF92-40DD-9CE8-535D1C5BB745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "666FB9C2-4A39-4C21-B00B-3ABF4EE9805E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF24F7E-C48D-42CE-98AD-71F042014B2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4377F30-6FDD-4232-92A4-62832E08A934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00B494B8-27DC-4FA4-BB86-1FEF51A2FA6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5419531-869F-4389-AF72-18F6E0DF3CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08EEA77B-8151-407C-A840-6E2334FF962B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECD177-5310-44DA-A364-1077898C3A50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F242460-F1F6-4D37-8817-4F6040FB5F5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6B3E2B-B33D-4FB4-A8CF-0D3C781B371E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2214FC95-71C7-4EB5-B924-9626D663E8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF2E53-3618-4610-AC36-602584DB26EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EF978C93-8747-416A-890B-09575EF0BA13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5 allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
},
{
"lang": "es",
"value": "El int\u00e9rprete XML en IBM Rational Collaborative Lifecycle Management 3.0.1.6 en versiones anteriores a iFix8, 4.0 en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 en versiones anteriores a iFix8, 4.0 en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5; Rational Team Concert 3.0.1.6 en versiones anteriores a iFix8, 4.0 en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5; Rational DOORS Next Generation 4.0 en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5; Rational Rhapsody Design Manager 4.0 en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5; y Rational Software Architect Design Manager 4.0 en versiones anteriores a 4.0.7 iFix11, 5.0 en versiones anteriores a 5.0.2 iFix18 y 6.0 en versiones anteriores a 6.0.2 iFix5 permite a usuarios remotos autenticados leer archivos arbitrarios o provocar una denegaci\u00f3n de servicio a trav\u00e9s de un documento XML que contenga una declaraci\u00f3n de entidad externa en conjunci\u00f3n con una referencia de entidad, relacionado con un problema XML External Entity (XXE)."
}
],
"id": "CVE-2016-0284",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-24T19:59:04.753",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991478"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/94555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94555"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…