Boletines de Vulnerabilidades

IBM Security Bulletin: Vulnerability in Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager and Rhapsody Design Manager (CVE-2014-3037)

Información sobre el sistema
   
Software afectado IBM

Descripción
IBM Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager and Rational Rhapsody Design Manager are vulnerable to a cross-site request forgery attack. CVE(s): CVE-2014-3037 Affected product(s) and affected version(s): Rational Engineering Lifecycle Manager 1.0, 1.0.0.1, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 5.0 Rational Software Architect Design Manager 3.0, 3.0.0.1, 3.0.1, 4.0 - 4.0.6, 5.0 Rational Rhapsody Design Manager 3.0, 3.0.0.1, 3.0.1, 4.0 - 4.0.6, 5.0 Refer

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_rational_engineering_lifecycle_manager_rational_software_architect_design_manager_and_rhapsody_design_manager_cve_2014_3037?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-3037 ,CVE-2014-0909 ,CVE-2014-3079 ,CVE-2014-4756 ,CVE-2014-0075 ,CVE-2014-0095 ,CVE-2014-0096 ,CVE-2014-0099 ,CVE-2014-0119 and CVE-2014-4805.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-09-07

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT