2019-06-27 16:15:10 2019-10-10 01:50:21

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE
Ibm Rational software architect design manager 6.0 (not an official CPE) Ibm Rational rhapsody design manager 6.0.6 (not an official CPE) Ibm Rational rhapsody design manager 6.0.5 (not an official CPE) Ibm Rational rhapsody design manager 6.0.4 (not an official CPE) Ibm Rational rhapsody design manager 6.0.3 (not an official CPE) Ibm Rational rhapsody design manager 6.0.2 (not an official CPE) Ibm Rational rhapsody design manager 6.0.1 (not an official CPE) Ibm Rational rhapsody design manager 6.0.0 (not an official CPE) Ibm Rational rhapsody design manager 6.0 (not an official CPE) Ibm Rational quality manager 6.0.6 (not an official CPE) Ibm Rational quality manager 6.0.5 (not an official CPE) Ibm Rational quality manager 6.0.4 (not an official CPE) Ibm Rational quality manager 6.0.3 (not an official CPE) Ibm Rational quality manager 6.0.2 (not an official CPE) Ibm Rational quality manager 6.0.1 (not an official CPE) Ibm Rational quality manager 6.0.0 (not an official CPE) Ibm Rational quality manager 6.0 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.6 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.5 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.4 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.3 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.2 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.1 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0.0 (not an official CPE) Ibm Rational engineering lifecycle manager 6.0 (not an official CPE) Ibm Rational doors next generation 6.0.6 (not an official CPE) Ibm Rational doors next generation 6.0.5 (not an official CPE) Ibm Rational doors next generation 6.0.4 (not an official CPE) Ibm Rational doors next generation 6.0.3 (not an official CPE) Ibm Rational doors next generation 6.0.2 (not an official CPE) Ibm Rational doors next generation 6.0.1 (not an official CPE) Ibm Rational doors next generation 6.0.0 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.6 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.5 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.4 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.3 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.2 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.1 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0.0 (not an official CPE) Ibm Rational collaborative lifecycle management 6.0 (not an official CPE) Ibm Rational software architect design manager 6.0.0 (not an official CPE) Ibm Rational software architect design manager 6.0.1 (not an official CPE) Ibm Rational team concert 6.0 (not an official CPE) Ibm Rational team concert 6.0.0 (not an official CPE) Ibm Rational team concert 6.0.1 (not an official CPE) Ibm Rational team concert 6.0.2 (not an official CPE) Ibm Rational team concert 6.0.3 (not an official CPE) Ibm Rational team concert 6.0.4 (not an official CPE) Ibm Rational team concert 6.0.5 (not an official CPE) Ibm Rational team concert 6.0.6 (not an official CPE) Ibm Rational team concert 6.0.6.1 (not an official CPE)