CVE-2016-2981

MEDIUM

IBM Rational Collaborative Lifecycle Management - Exposure of Sensitive Information to an Unauthorized Actor

Title source: llm

Description

An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg21999965

Patch, Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/113994?cm_mc_uid=06394756914614889387221&cm_mc_sid_50200000=1490229077

Scores

CVSS v3 6.8

EPSS 0.0005

EPSS Percentile 17.0%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-200

Status published

Products (32)

ibm/rational_collaborative_lifecycle_management 4.0

ibm/rational_collaborative_lifecycle_management 4.0.1

ibm/rational_collaborative_lifecycle_management 4.0.2

ibm/rational_collaborative_lifecycle_management 4.0.3

ibm/rational_collaborative_lifecycle_management 4.0.4

ibm/rational_collaborative_lifecycle_management 4.0.5

ibm/rational_collaborative_lifecycle_management 4.0.6

ibm/rational_collaborative_lifecycle_management 4.0.7

ibm/rational_collaborative_lifecycle_management 5.0

ibm/rational_collaborative_lifecycle_management 5.0.1

... and 22 more

Published Mar 20, 2017

Tracked Since Feb 18, 2026