CVE-2016-2865
MEDIUMIBM Rational Team Concert and Collaborative Lifecycle Management - Exposure of Sensitive Information via GIT Integration
Title source: llmDescription
The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 and Rational Collaborative Lifecycle Management 5.x before 5.0.2 iFix14 and 6.x before 6.0.1 iFix5 allows remote authenticated users to obtain sensitive information via a malformed request.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91680
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21985865
Scores
CVSS v3
6.5
EPSS
0.0105
EPSS Percentile
60.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (10)
ibm/rational_collaborative_lifecycle_management
5.0.0
ibm/rational_collaborative_lifecycle_management
5.0.1
ibm/rational_collaborative_lifecycle_management
5.0.2
ibm/rational_collaborative_lifecycle_management
6.0.0
ibm/rational_collaborative_lifecycle_management
6.0.1
ibm/rational_team_concert
5.0.0
ibm/rational_team_concert
5.0.1
ibm/rational_team_concert
5.0.2
ibm/rational_team_concert
6.0.0
ibm/rational_team_concert
6.0.1
Published
Jul 15, 2016
Tracked Since
Feb 18, 2026