IBM Security Bulletin: Cross-site Scripting vulnerability affects Rational Engineering Lifecycle Manager
Rational Engineering Lifecycle Manager is vulnerable to a cross-site scripting attack with potential for credentials disclosure within a trusted session.
CVE(s): CVE-2016-9747
Affected product(s) and affected version(s):
Rational Collaborative Lifecycle Management 4.0 – 6.0.2
Rational Engineering Lifecycle Manager 4.0.3 – 4.0.7
Rational Engineering Lifecycle Manager 5.0 – 5.0.2
Rational Engineering Lifecycle Manager 6.0 – 6.0.2
Note: Releases 6.0.3 and 6.0.4 are not affected.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2spWjt2
X-Force Database: http://ift.tt/2rV4Mki
The post IBM Security Bulletin: Cross-site Scripting vulnerability affects Rational Engineering Lifecycle Manager appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2spPSpC