CVE-2016-2981

MEDIUM

IBM Rational Collaborative Lifecycle ... - Information Disclosure

Title source: rule

Description

An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.

References (2)

[Patch, Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21999965

[Patch, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/113994?cm_mc_uid=06394756914614889387221&cm_mc_sid_50200000=1490229077

Scores

CVSS v3 6.8

EPSS 0.0005

EPSS Percentile 16.7%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-200

Status published

Affected Products (32)

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

ibm/rational_collaborative_lifecycle_management

... and 17 more

Timeline

Published Mar 20, 2017

Tracked Since Feb 18, 2026