Boletines de Vulnerabilidades

IBM Security Bulletin: XSS Vulnerability in IBM Jazz Foundation affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-0130)

Información sobre el sistema
   
Software afectado IBM

Descripción
A Cross-site Scripting vulnerability affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management (CLM), Rational Requirements Composer (RRC), Rational DOORS Next Generation (RDNG), Rational Team Concert (RTC), and Rational Quality Manager (RQM). CVE(s): CVE-2015-0130 Affected product(s) and affected version(s): Rational Collaborative Lifecycle Management 4.0 - 5.0.2 Rational Quality Manager 4.0 - 4.0.7 Rational Quality Manager 5.0 - 5.0.2 Rational

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_xss_vulnerability_in_ibm_jazz_foundation_affects_multiple_ibm_rational_products_based_on_ibm_jazz_technology_cve_2015_0130?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2015-0130 ,CVE-2015-4000 ,CVE-2015-1981 ,CVE-2015-0488 and CVE-2015-1916.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-07-01

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT