CVE-2015-7440
First published: Thu Mar 15 2018(Updated: )
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational Collaborative Lifecycle Management | >=3.0.1<=6.0.1 | |
| IBM Rational Quality Manager | >=3.0<=3.0.1.6 | |
| IBM Rational Quality Manager | >=4.0<=4.0.7 | |
| IBM Rational Quality Manager | =5.0 | |
| IBM Rational Quality Manager | =5.0.1 | |
| IBM Rational Quality Manager | =5.0.2 | |
| IBM Rational Quality Manager | =6.0 | |
| IBM Rational Quality Manager | =6.0.1 | |
| IBM Rational Team Concert | >=3.0<=3.0.6 | |
| IBM Rational Team Concert | >=4.0<=4.0.7 | |
| IBM Rational Team Concert | =5.0 | |
| IBM Rational Team Concert | =5.0.1 | |
| IBM Rational Team Concert | =5.0.2 | |
| IBM Rational Team Concert | =6.0 | |
| IBM Rational Team Concert | =6.0.1 | |
| IBM Rational Requirements Composer | >=3.0<=3.0.1.6 | |
| IBM Rational Requirements Composer | >=4.0<=4.0.7 | |
| IBM Rational DOORS Next Generation | >=4.0<=4.0.7 | |
| IBM Rational DOORS Next Generation | =5.0 | |
| IBM Rational DOORS Next Generation | =5.0.1 | |
| IBM Rational DOORS Next Generation | =5.0.2 | |
| IBM Rational DOORS Next Generation | =6.0.0 | |
| IBM Rational DOORS Next Generation | =6.0.1 | |
| IBM Rational Engineering Lifecycle Manager | >=4.0.3<=4.0.7 | |
| IBM Rational Engineering Lifecycle Manager | =5.0 | |
| IBM Rational Engineering Lifecycle Manager | =5.0.1 | |
| IBM Rational Engineering Lifecycle Manager | =5.0.2 | |
| IBM Rational Engineering Lifecycle Manager | =6.0 | |
| IBM Rational Engineering Lifecycle Manager | =6.0.1 | |
| IBM Rational Rhapsody Design Manager | >=4.0<=4.0.7 | |
| IBM Rational Rhapsody Design Manager | =5.0 | |
| IBM Rational Rhapsody Design Manager | =5.0.1 | |
| IBM Rational Rhapsody Design Manager | =5.0.2 | |
| IBM Rational Rhapsody Design Manager | =6.0 | |
| IBM Rational Rhapsody Design Manager | =6.0.1 | |
| IBM Rational Software Architect Design Manager | >=4.0<=4.0.7 | |
| IBM Rational Software Architect Design Manager | =5.0 | |
| IBM Rational Software Architect Design Manager | =5.0.1 | |
| IBM Rational Software Architect Design Manager | =5.0.2 | |
| IBM Rational Software Architect Design Manager | =6.0 | |
| IBM Rational Software Architect Design Manager | =6.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2015-7440.
What is the severity of CVE-2015-7440?
The severity of CVE-2015-7440 is high.
Which software products are affected by CVE-2015-7440?
IBM Rational Collaborative Lifecycle Management (CLM), Rational Quality Manager (RQM), Rational Team Concert, Rational Requirements Composer, Rational DOORS Next Generation, Rational Engineering Lifecycle Manager, Rational Rhapsody Design Manager, and Rational Software Architect Design Manager are affected.
How can I fix CVE-2015-7440?
Apply the specified iFix or upgrade to a version that includes the fix.
Where can I find more information about CVE-2015-7440?
You can find more information about CVE-2015-7440 at the IBM support website and the IBM X-Force Exchange.
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm rational collaborative lifecycle management
- version/ibm rational collaborative lifecycle management/3.0.1
- version/ibm rational collaborative lifecycle management/6.0.1
- canonical/ibm rational quality manager
- version/ibm rational quality manager/3.0
- version/ibm rational quality manager/3.0.1.6
- version/ibm rational quality manager/4.0
- version/ibm rational quality manager/4.0.7
- version/ibm rational quality manager/5.0
- version/ibm rational quality manager/5.0.1
- version/ibm rational quality manager/5.0.2
- version/ibm rational quality manager/6.0
- version/ibm rational quality manager/6.0.1
- canonical/ibm rational team concert
- version/ibm rational team concert/3.0
- version/ibm rational team concert/3.0.6
- version/ibm rational team concert/4.0
- version/ibm rational team concert/4.0.7
- version/ibm rational team concert/5.0
- version/ibm rational team concert/5.0.1
- version/ibm rational team concert/5.0.2
- version/ibm rational team concert/6.0
- version/ibm rational team concert/6.0.1
- canonical/ibm rational requirements composer
- version/ibm rational requirements composer/3.0
- version/ibm rational requirements composer/3.0.1.6
- version/ibm rational requirements composer/4.0
- version/ibm rational requirements composer/4.0.7
- canonical/ibm rational doors next generation
- version/ibm rational doors next generation/4.0
- version/ibm rational doors next generation/4.0.7
- version/ibm rational doors next generation/5.0
- version/ibm rational doors next generation/5.0.1
- version/ibm rational doors next generation/5.0.2
- version/ibm rational doors next generation/6.0.0
- version/ibm rational doors next generation/6.0.1
- canonical/ibm rational engineering lifecycle manager
- version/ibm rational engineering lifecycle manager/4.0.3
- version/ibm rational engineering lifecycle manager/4.0.7
- version/ibm rational engineering lifecycle manager/5.0
- version/ibm rational engineering lifecycle manager/5.0.1
- version/ibm rational engineering lifecycle manager/5.0.2
- version/ibm rational engineering lifecycle manager/6.0
- version/ibm rational engineering lifecycle manager/6.0.1
- canonical/ibm rational rhapsody design manager
- version/ibm rational rhapsody design manager/4.0
- version/ibm rational rhapsody design manager/4.0.7
- version/ibm rational rhapsody design manager/5.0
- version/ibm rational rhapsody design manager/5.0.1
- version/ibm rational rhapsody design manager/5.0.2
- version/ibm rational rhapsody design manager/6.0
- version/ibm rational rhapsody design manager/6.0.1
- canonical/ibm rational software architect design manager
- version/ibm rational software architect design manager/4.0
- version/ibm rational software architect design manager/4.0.7
- version/ibm rational software architect design manager/5.0
- version/ibm rational software architect design manager/5.0.1
- version/ibm rational software architect design manager/5.0.2
- version/ibm rational software architect design manager/6.0
- version/ibm rational software architect design manager/6.0.1