Lucene search
HistoryNov 06, 2018 - 4:29 p.m.
CVE-2018-1606
ibm
jazz
applications
vulnerability
sensitive information
exposure
x-force id
143796
nvd.
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.2%
IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796.
Affected configurations
Node
ibmrational_team_concertMatch5.0
ORibmrational_team_concertMatch6.0
ORibmrational_team_concertMatch6.0.1
ORibmrational_team_concertMatch6.0.2
ORibmrational_team_concertMatch6.0.3
ORibmrational_team_concertMatch6.0.4
ORibmrational_team_concertMatch6.0.5
ORibmrational_team_concertMatch6.0.6
ORibmrational_team_concertMatch5.01
ORibmrational_team_concertMatch5.02
ibmrational_software_architect_design_managerMatch5.0
ORibmrational_software_architect_design_managerMatch6.0
ORibmrational_software_architect_design_managerMatch6.0.1
ORibmrational_software_architect_design_managerMatch5.01
ORibmrational_software_architect_design_managerMatch5.02
ibmrational_doors_next_generationMatch5.0
ORibmrational_doors_next_generationMatch6.0
ORibmrational_doors_next_generationMatch6.0.1
ORibmrational_doors_next_generationMatch6.0.2
ORibmrational_doors_next_generationMatch6.0.3
ORibmrational_doors_next_generationMatch6.0.4
ORibmrational_doors_next_generationMatch6.0.5
ORibmrational_doors_next_generationMatch6.0.6
ORibmrational_doors_next_generationMatch5.01
ORibmrational_doors_next_generationMatch5.02
ibmrational_collaborative_lifecycle_managementMatch5.0
ORibmrational_collaborative_lifecycle_managementMatch6.0
ORibmrational_collaborative_lifecycle_managementMatch6.0.1
ORibmrational_collaborative_lifecycle_managementMatch6.0.2
ORibmrational_collaborative_lifecycle_managementMatch6.0.3
ORibmrational_collaborative_lifecycle_managementMatch6.0.4
ORibmrational_collaborative_lifecycle_managementMatch6.0.5
ORibmrational_collaborative_lifecycle_managementMatch6.0.6
ORibmrational_collaborative_lifecycle_managementMatch5.01
ORibmrational_collaborative_lifecycle_managementMatch5.02
ibmrational_rhapsody_design_managerMatch5.0
ORibmrational_rhapsody_design_managerMatch6.0
ORibmrational_rhapsody_design_managerMatch6.0.1
ORibmrational_rhapsody_design_managerMatch6.0.2
ORibmrational_rhapsody_design_managerMatch6.0.3
ORibmrational_rhapsody_design_managerMatch6.0.4
ORibmrational_rhapsody_design_managerMatch6.0.5
ORibmrational_rhapsody_design_managerMatch6.0.6
ORibmrational_rhapsody_design_managerMatch5.01
ORibmrational_rhapsody_design_managerMatch5.02
ibmrational_quality_managerMatch5.0
ORibmrational_quality_managerMatch6.0
ORibmrational_quality_managerMatch6.0.1
ORibmrational_quality_managerMatch6.0.2
ORibmrational_quality_managerMatch6.0.3
ORibmrational_quality_managerMatch6.0.4
ORibmrational_quality_managerMatch6.0.5
ORibmrational_quality_managerMatch6.0.6
ORibmrational_quality_managerMatch5.01
ORibmrational_quality_managerMatch5.02
ibmrational_engineering_lifecycle_managerMatch5.0
ORibmrational_engineering_lifecycle_managerMatch6.0
ORibmrational_engineering_lifecycle_managerMatch6.0.1
ORibmrational_engineering_lifecycle_managerMatch6.0.2
ORibmrational_engineering_lifecycle_managerMatch6.0.3
ORibmrational_engineering_lifecycle_managerMatch6.0.4
ORibmrational_engineering_lifecycle_managerMatch6.0.5
ORibmrational_engineering_lifecycle_managerMatch6.0.6
ORibmrational_engineering_lifecycle_managerMatch5.01
ORibmrational_engineering_lifecycle_managerMatch5.02
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | rational_team_concert | 5.0 | cpe:2.3:a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0 | cpe:2.3:a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0.1 | cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0.2 | cpe:2.3:a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0.3 | cpe:2.3:a:ibm:rational_team_concert:6.0.3:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0.4 | cpe:2.3:a:ibm:rational_team_concert:6.0.4:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0.5 | cpe:2.3:a:ibm:rational_team_concert:6.0.5:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 6.0.6 | cpe:2.3:a:ibm:rational_team_concert:6.0.6:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 5.01 | cpe:2.3:a:ibm:rational_team_concert:5.01:*:*:*:*:*:*:* |
| ibm | rational_team_concert | 5.02 | cpe:2.3:a:ibm:rational_team_concert:5.02:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Rational Team Concert",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
},
{
"product": "Rational Software Architect Design Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
},
{
"product": "Rational DOORS Next Generation",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
},
{
"product": "Rational Collaborative Lifecycle Management",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
},
{
"product": "Rational Rhapsody Design Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
},
{
"product": "Rational Quality Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
},
{
"product": "Rational Engineering Lifecycle Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.01"
},
{
"status": "affected",
"version": "5.02"
}
]
}
]Related
nvd
nvd
CVE-2018-1606
2018-11-06 16:29:00
prion
prion
Design/Logic Flaw
2018-11-06 16:29:00
cvelist
cvelist
CVE-2018-1606
2018-11-02 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.2%
Related for CVE-2018-1606