CVE-2016-3014
Published on: 11/30/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:03 PM UTC
Certain versions of Rational Collaborative Lifecycle Management from Ibm contain the following vulnerability:
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2016-3014 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 5.4 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | LOW | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | LOW | LOW | NONE |
CVSS2 Score: 3.5 - LOW
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | PARTIAL | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
IBM Jazz Foundation CVE-2016-3014 Unspecified Cross-Site Scripting Vulnerability | Third Party Advisory VDB Entry cve.report (archive) text/html |
![]() |
IBM Rational Quality Manager Input Validation Flaw in IBM Jazz Foundation Web UI Component Lets Remote Users Conduct Cross-Site Scripting Attacks - SecurityTracker | www.securitytracker.com text/html |
![]() |
IBM Rational System Architect Design Manager Input Validation Flaw in IBM Jazz Foundation Web UI Component Lets Remote Users Conduct Cross-Site Scripting Attacks - SecurityTracker | www.securitytracker.com text/html |
![]() |
IBM Rational Team Concert Input Validation Flaw in IBM Jazz Foundation Web UI Component Lets Remote Users Conduct Cross-Site Scripting Attacks - SecurityTracker | www.securitytracker.com text/html |
![]() |
IBM Rational Rhapsody Design Manager Input Validation Flaw in IBM Jazz Foundation Web UI Component Lets Remote Users Conduct Cross-Site Scripting Attacks - SecurityTracker | www.securitytracker.com text/html |
![]() |
IBM Security Bulletin: Cross-site scripting vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-3014) - United States | Vendor Advisory www-01.ibm.com text/html |
![]() |
Known Affected Configurations (CPE V2.3)
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*: