Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM76B41ACFF5FF0AAAA554F939B5185D92AB62748F3C9D34CC3F6A3EEF3E3FE255
HistoryJun 17, 2018 - 5:16 a.m.

Security Bulletin: Vulnerability in Rational DOORS Next Generation with potential for Cross-Site Scripting attack (CVE-2016-5955)

2018-06-1705:16:03
www.ibm.com
7

EPSS

0.001

Percentile

25.7%

JSON

Summary

Security Bulletin: Vulnerability in Rational DOORS Next Generation with potential for Cross-Site Scripting attack.

Vulnerability Details

CVE ID: CVE-2016-5955**
DESCRIPTION:** IBM DOORS Next Generation( DNG/RRC) is vulnerable to an undisclosed cross-site scripting attack. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116100 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) .

Affected Products and Versions

Rational DOORS Next Generation 6.0.2

Remediation/Fixes

A fix is available by upgrading to 6.0.2 iFix004 or later

Workarounds and Mitigations

None

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2016-5955
2016-11-25 03:59:09
cve
cve
CVE-2016-5955
2016-11-25 03:59:09
prion
prion
Cross site scripting
2016-11-25 03:59:00
cvelist
cvelist
CVE-2016-5955
2016-11-25 03:38:00

EPSS

0.001

Percentile

25.7%

JSON
Related for 76B41ACFF5FF0AAAA554F939B5185D92AB62748F3C9D34CC3F6A3EEF3E3FE255
nvd1cve1prion1cvelist1