Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-0121
HistoryMay 30, 2015 - 7:59 p.m.

CVE-2015-0121

2015-05-3019:59:00
[email protected]
web.nvd.nist.gov
4

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

50.4%

JSON

IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation.

Affected configurations

Nvd
Node
ibmrational_requirements_composerMatch3.0
OR
ibmrational_requirements_composerMatch3.0.1
OR
ibmrational_requirements_composerMatch3.0.1.1
OR
ibmrational_requirements_composerMatch3.0.1.2
OR
ibmrational_requirements_composerMatch3.0.1.3
OR
ibmrational_requirements_composerMatch3.0.1.4
OR
ibmrational_requirements_composerMatch3.0.1.5
OR
ibmrational_requirements_composerMatch3.0.1.6
OR
ibmrational_requirements_composerMatch4.0
OR
ibmrational_requirements_composerMatch4.0.0
OR
ibmrational_requirements_composerMatch4.0.0.1
OR
ibmrational_requirements_composerMatch4.0.0.2
OR
ibmrational_requirements_composerMatch4.0.1
OR
ibmrational_requirements_composerMatch4.0.2
OR
ibmrational_requirements_composerMatch4.0.3
OR
ibmrational_requirements_composerMatch4.0.4
OR
ibmrational_requirements_composerMatch4.0.5
OR
ibmrational_requirements_composerMatch4.0.6
OR
ibmrational_requirements_composerMatch4.0.7
Node
ibmrational_doors_next_generationMatch4.0.0
OR
ibmrational_doors_next_generationMatch4.0.1
OR
ibmrational_doors_next_generationMatch4.0.2
OR
ibmrational_doors_next_generationMatch4.0.3
OR
ibmrational_doors_next_generationMatch4.0.4
OR
ibmrational_doors_next_generationMatch4.0.5
OR
ibmrational_doors_next_generationMatch4.0.6
OR
ibmrational_doors_next_generationMatch4.0.7
OR
ibmrational_doors_next_generationMatch5.0
OR
ibmrational_doors_next_generationMatch5.0.1
OR
ibmrational_doors_next_generationMatch5.0.2
VendorProductVersionCPE
ibmrational_requirements_composer3.0cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1.1cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1.2cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1.3cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1.4cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1.5cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*
ibmrational_requirements_composer3.0.1.6cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*
ibmrational_requirements_composer4.0cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*
ibmrational_requirements_composer4.0.0cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 301

Related

prion 1
cve 1
cvelist 1
prion
prion
Design/Logic Flaw
2015-05-30 19:59:00
cve
cve
CVE-2015-0121
2015-05-30 19:59:00
cvelist
cvelist
CVE-2015-0121
2015-05-30 19:00:00

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

50.4%

JSON
Related for NVD:CVE-2015-0121
prion1cve1cvelist1