|
219601
|
7.5 |
HIGH
Network
|
ibm
|
rational_software_architect_design_manager
rational_collaborative_lifecycle_management
rational_quality_manager
rational_team_concert
rational_doors_next_generation
rational_engineerin…
|
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request contain…
|
CWE-22
Path Traversal
|
CVE-2019-4252
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219602
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager
rational_collaborative_lifecycle_management
rational_quality_manager
rational_team_concert
rational_doors_next_generation
rational_engineerin…
|
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4250
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219603
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager
rational_collaborative_lifecycle_management
rational_quality_manager
rational_team_concert
rational_doors_next_generation
rational_engineerin…
|
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4249
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219604
|
4.3 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager
rational_collaborative_lifecycle_management
rational_quality_manager
rational_team_concert
rational_doors_next_generation
rational_engineerin…
|
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could b…
|
NVD-CWE-noinfo
|
CVE-2019-4084
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219605
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager
rational_collaborative_lifecycle_management
rational_quality_manager
rational_team_concert
rational_doors_next_generation
rational_engineerin…
|
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4083
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219606
|
7.8 |
HIGH
Local
|
ibm
|
pureapplication_system
|
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain administrative access. IBM X-Force ID: 159467.
|
NVD-CWE-noinfo
|
CVE-2019-4241
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219607
|
7.5 |
HIGH
Network
|
ibm
|
pureapplication_system
|
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID…
|
CWE-521
Weak Password Requirements
|
CVE-2019-4235
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219608
|
4.3 |
MEDIUM
Network
|
ibm
|
pureapplication_system
|
IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic t…
|
NVD-CWE-noinfo
|
CVE-2019-4234
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219609
|
4.4 |
MEDIUM
Local
|
ibm
|
pureapplication_system
|
IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 159242.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-4225
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219610
|
8.8 |
HIGH
Network
|
ibm
|
pureapplication_system
|
IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify o…
|
CWE-89
SQL Injection
|
CVE-2019-4224
|
2024-11-21 13:43 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
