Vulnerability CVE-2017-1700

Vulnerability CVE-2017-1700

Published: 2018-04-24

Description:

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) could allow an authenticated user to cause a denial of service due to incorrect authorization for resource intensive scenarios. IBM X-Force ID: 134392.

Type:

CWE-863

(Incorrect Authorization)

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4/10	2.9/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
None	None	Partial

Affected software
IBM -> Rational collaborative lifecycle management
IBM -> Rational doors next generation
IBM -> Rational engineering lifecycle manager
IBM -> Rational quality manager
IBM -> Rational rhapsody design manager
IBM -> Rational software architect design manager
IBM -> Rational team concert

References:

http://www.ibm.com/support/docview.wss?uid=swg22015635

https://exchange.xforce.ibmcloud.com/vulnerabilities/134392

Copyright 2024, cxsecurity.com