First published: Sat May 30 2015(Updated: )
IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through 4.0.7 and 5.0 through 5.0.2, when LTPA single sign on is used with WebSphere Application Server, do not terminate a Requirements Management (RM) session upon LTPA token expiration, which allows remote attackers to obtain access by leveraging an unattended workstation.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Rational Requirements Composer | =3.0 | |
IBM Rational Requirements Composer | =3.0.1 | |
IBM Rational Requirements Composer | =3.0.1.1 | |
IBM Rational Requirements Composer | =3.0.1.2 | |
IBM Rational Requirements Composer | =3.0.1.3 | |
IBM Rational Requirements Composer | =3.0.1.4 | |
IBM Rational Requirements Composer | =3.0.1.5 | |
IBM Rational Requirements Composer | =3.0.1.6 | |
IBM Rational Requirements Composer | =4.0 | |
IBM Rational Requirements Composer | =4.0.0 | |
IBM Rational Requirements Composer | =4.0.0.1 | |
IBM Rational Requirements Composer | =4.0.0.2 | |
IBM Rational Requirements Composer | =4.0.1 | |
IBM Rational Requirements Composer | =4.0.2 | |
IBM Rational Requirements Composer | =4.0.3 | |
IBM Rational Requirements Composer | =4.0.4 | |
IBM Rational Requirements Composer | =4.0.5 | |
IBM Rational Requirements Composer | =4.0.6 | |
IBM Rational Requirements Composer | =4.0.7 | |
IBM Rational DOORS Next Generation | =4.0.0 | |
IBM Rational DOORS Next Generation | =4.0.1 | |
IBM Rational DOORS Next Generation | =4.0.2 | |
IBM Rational DOORS Next Generation | =4.0.3 | |
IBM Rational DOORS Next Generation | =4.0.4 | |
IBM Rational DOORS Next Generation | =4.0.5 | |
IBM Rational DOORS Next Generation | =4.0.6 | |
IBM Rational DOORS Next Generation | =4.0.7 | |
IBM Rational DOORS Next Generation | =5.0 | |
IBM Rational DOORS Next Generation | =5.0.1 | |
IBM Rational DOORS Next Generation | =5.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.