CVE-2016-3014

Published Nov 30, 2016
Last updated 7 years ago
CVSS medium 5.4
Overview

Description: Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Source: psirt@us.ibm.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 5.4
Impact score: 2.5
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAF24F7E-C48D-42CE-98AD-71F042014B2C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4377F30-6FDD-4232-92A4-62832E08A934"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00B494B8-27DC-4FA4-BB86-1FEF51A2FA6E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C380E168-9045-4BF3-A485-2943B2FDE44D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ED17A54-D64F-4FEC-A9FF-1D85C0E0595E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5917861D-85E7-45F6-9150-BD6F2E272832"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90570EDF-C0A3-4AF5-9763-2D6473762A24"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "608625CE-F543-4DCA-A3F9-70A35ECD1550"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5419531-869F-4389-AF72-18F6E0DF3CA3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F01BD6B-30EA-4AD6-A2CA-04638FF59DF4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E8B81FD-2288-4DD3-9AAC-76016FFA2D30"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46883130-F370-406C-A8E8-213399F2EE47"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A13CE71-BEC0-4DEC-9CF7-183672F6729D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DB2451D-F31E-4CF6-8E61-2970A4FB174D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01A27F4B-0ED9-479F-B91B-FCB514CF1D1B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEAF452F-94AB-4857-BCD6-AE5251C61526"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7596E71E-4507-4EFC-ABF9-41D8FD338CC3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B201E3D-1028-4955-AFE2-AF8C14CAA182"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1C966E0-6372-4CA5-902E-DEE17FC139E7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D6B3E2B-B33D-4FB4-A8CF-0D3C781B371E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6E654FB-BD17-4308-9CD0-163D8DA0BD6B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64D14BEF-D1F0-4C27-87F0-8BCAD8A3E369"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCC4C9D2-6799-44B5-AEF4-47DD3CC012FA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB0AA277-39E7-441C-9AF2-18848FD4C9D7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4938F063-34AF-4C5F-AF43-534C3D052720"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3902033E-35AB-4358-9D07-AF8C59A9621A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "559C7C20-BD07-4E30-A74C-EA35DB2E3F2B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B15D55E2-D1C2-4934-8C51-2DA2778ADF7B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC0F2747-175E-4B85-9020-162F019860EF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B31F581-9E7A-4882-A915-FE4784FDC996"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA1E396E-905A-4CE3-8AEB-12BFBE679B2E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D1186E8-2639-476F-802E-580D98F2E255"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC7E998F-416E-4E1F-BF85-606224B468CF"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FC3B8F6-F9D7-454C-B7A2-732B6708AF04"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6B4FF44-507B-4F2E-9C7C-4D8A046542D1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF1DD60E-3E2C-4F42-9892-B031CB3B570D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6504477B-9BF5-49F6-8E3A-9B07B30895B8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0C4948B-69C4-4CAF-808E-426483ED0622"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C297440-406F-4508-9D8D-92F79DF91C4A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79FB3730-EE6A-44CE-8FCD-4CE6D055EB2A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C416F89-7E5E-4FE7-A532-F13843AA1771"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EED534E3-80EF-40AF-927A-20D59DA7B045"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C36DDB50-CF31-4B3C-AE49-99A3AFBC0791"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DFDE569-8BE3-4CFD-8228-FF785B004068"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "817714F1-B68E-41DB-A4FC-34FD5518B9BB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0477D24-56F7-46A2-A08A-C20A90E6E85C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0514FAC-52CE-41F6-B255-E2D83E71F3E9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACA25E78-52E0-4B5E-AECC-0F24C827F3F2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746190AA-6D21-446F-80F5-4C98F5BF74A9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08125E1B-FE2B-436C-A69F-067BC1B5C542"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A0BC49A-4D59-47AE-B2D2-13B6719B0932"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3AE1241-9998-4F5D-862A-52CE40DB24C8"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2500F56F-C615-4836-9F6E-44985F898E64"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9DF445D-E457-4FA5-A2BE-F05828F8F799"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1CE1A44-9F74-4405-AAB4-E38487FBD91A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29160905-BBD7-486C-A4E0-5778717389E9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A538D21-6F83-4F01-AB4F-788A89F922CF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "233E248F-0EA5-4C97-8474-C7A3EFCF7CCA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FE6472E-AC94-431C-B8EA-8A3ED1828E85"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8DAFF35-BD11-4EED-8B79-E99AE8A0E620"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FDFE57E-7905-4DC8-93FC-CAE5BC070790"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8BEC305-F98D-45F4-B149-1188744DE408"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E837B6AB-B8FF-413E-8DE9-EE61F6113ED1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51998570-6EFF-436C-9297-601B17A31788"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D944BB64-73C5-402C-9D14-077B8FC9DB8A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A32DF4D-B68E-4C3E-AF20-05C80B26461A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B877D86-6ABE-43E8-A681-0C937C779388"
          },
          {
            "criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61DE20FB-F2C6-49CB-B1A7-0C5A1F802C56"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
