CVE-2016-0219

MEDIUM

IBM Rational Team Concert <6.0.1 - DoS

Title source: llm
STIX 2.1

Description

XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/109693
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21983720

Scores

CVSS v3 6.5
EPSS 0.0126
EPSS Percentile 65.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-611
Status published
Products (50)
ibm/rational_collaborative_lifecycle_management 3.0.1
ibm/rational_collaborative_lifecycle_management 3.0.1.1
ibm/rational_collaborative_lifecycle_management 3.0.1.2
ibm/rational_collaborative_lifecycle_management 3.0.1.3
ibm/rational_collaborative_lifecycle_management 3.0.1.4
ibm/rational_collaborative_lifecycle_management 3.0.1.5
ibm/rational_collaborative_lifecycle_management 3.0.1.6
ibm/rational_collaborative_lifecycle_management 4.0
ibm/rational_collaborative_lifecycle_management 4.0.1
ibm/rational_collaborative_lifecycle_management 4.0.2
... and 40 more
Published Jan 16, 2018
Tracked Since Feb 18, 2026