First published: Tue Jul 29 2014(Updated: )
IBM Rational Team Concert (RTC) 3.x before 3.0.1.6 IF3 and 4.x before 4.0.7 does not properly integrate with build engines, which allows remote authenticated users to discover credentials via unspecified vectors.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Rational Team Concert | =4.0 | |
IBM Rational Team Concert | =4.0.0.1 | |
IBM Rational Team Concert | =4.0.0.2 | |
IBM Rational Team Concert | =4.0.1 | |
IBM Rational Team Concert | =4.0.2 | |
IBM Rational Team Concert | =4.0.3 | |
IBM Rational Team Concert | =4.0.4 | |
IBM Rational Team Concert | =4.0.5 | |
IBM Rational Team Concert | =4.0.6 | |
IBM Rational Team Concert | =3.0 | |
IBM Rational Team Concert | =3.0.1 | |
IBM Rational Team Concert | =3.0.1.1 | |
IBM Rational Team Concert | =3.0.1.2 | |
IBM Rational Team Concert | =3.0.1.3 | |
IBM Rational Team Concert | =3.0.1.4 | |
IBM Rational Team Concert | =3.0.1.5 | |
IBM Rational Team Concert | =3.0.1.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-3050 is classified as a moderate vulnerability due to its potential to expose user credentials to authenticated remote attackers.
To fix CVE-2014-3050, upgrade IBM Rational Team Concert to version 3.0.1.6 IF3 or 4.0.7 or later.
CVE-2014-3050 affects IBM Rational Team Concert versions 3.x before 3.0.1.6 IF3 and 4.x before 4.0.7.
No, CVE-2014-3050 can only be exploited by remote authenticated users.
The risks associated with CVE-2014-3050 include unauthorized access to sensitive credentials, potentially compromising user accounts.