What is the severity of CVE-2016-0326?

CVE-2016-0326 is considered a high-severity vulnerability allowing remote authenticated users to execute arbitrary OS commands.

How do I fix CVE-2016-0326?

To remediate CVE-2016-0326, upgrade to IBM Rational Quality Manager or Rational Collaborative Lifecycle Management versions that are patched for this vulnerability.

Which versions are affected by CVE-2016-0326?

CVE-2016-0326 affects multiple versions including IBM Rational Collaborative Lifecycle Management 4.x, 5.x, 6.x, and IBM Rational Quality Manager up to 6.0.1.

Can CVE-2016-0326 be exploited without authentication?

No, CVE-2016-0326 requires that the attacker is a remote authenticated user to exploit the vulnerability.

What are the implications of CVE-2016-0326 for network security?

CVE-2016-0326 poses critical risks as it allows authenticated users to execute OS commands, potentially compromising the entire system.

Vulnerability/
CVE-2016-0326

high

8.8

CWE

22/10/2016

5/8/2024

CVE-2016-0326: Command Injection

First published: Sat Oct 22 2016(Updated: )

IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS commands via a crafted "HTML request."

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Collaborative Lifecycle Management	=4.0.0
IBM Collaborative Lifecycle Management	=4.0.1
IBM Collaborative Lifecycle Management	=4.0.2
IBM Collaborative Lifecycle Management	=4.0.3
IBM Collaborative Lifecycle Management	=4.0.4
IBM Collaborative Lifecycle Management	=4.0.5
IBM Collaborative Lifecycle Management	=4.0.6
IBM Collaborative Lifecycle Management	=4.0.7
IBM Collaborative Lifecycle Management	=5.0.0
IBM Collaborative Lifecycle Management	=5.0.1
IBM Collaborative Lifecycle Management	=5.0.2
IBM Collaborative Lifecycle Management	=6.0.0
IBM Collaborative Lifecycle Management	=6.0.1
IBM Rational Quality Manager	=3.0.1.6
IBM Rational Quality Manager	=4.0
IBM Rational Quality Manager	=4.0.0.1
IBM Rational Quality Manager	=4.0.0.2
IBM Rational Quality Manager	=4.0.1
IBM Rational Quality Manager	=4.0.2
IBM Rational Quality Manager	=4.0.3
IBM Rational Quality Manager	=4.0.4
IBM Rational Quality Manager	=4.0.5
IBM Rational Quality Manager	=4.0.6
IBM Rational Quality Manager	=4.0.7
IBM Rational Quality Manager	=5.0.0
IBM Rational Quality Manager	=5.0.1
IBM Rational Quality Manager	=5.0.2
IBM Rational Quality Manager	=6.0.0
IBM Rational Quality Manager	=6.0.1

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21989735

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-0326?
CVE-2016-0326 is considered a high-severity vulnerability allowing remote authenticated users to execute arbitrary OS commands.
How do I fix CVE-2016-0326?
To remediate CVE-2016-0326, upgrade to IBM Rational Quality Manager or Rational Collaborative Lifecycle Management versions that are patched for this vulnerability.
Which versions are affected by CVE-2016-0326?
CVE-2016-0326 affects multiple versions including IBM Rational Collaborative Lifecycle Management 4.x, 5.x, 6.x, and IBM Rational Quality Manager up to 6.0.1.
Can CVE-2016-0326 be exploited without authentication?
No, CVE-2016-0326 requires that the attacker is a remote authenticated user to exploit the vulnerability.
What are the implications of CVE-2016-0326 for network security?
CVE-2016-0326 poses critical risks as it allows authenticated users to execute OS commands, potentially compromising the entire system.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/remedy
agent/weakness
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm collaborative lifecycle management
version/ibm collaborative lifecycle management/4.0.0
version/ibm collaborative lifecycle management/4.0.1
version/ibm collaborative lifecycle management/4.0.2
version/ibm collaborative lifecycle management/4.0.3
version/ibm collaborative lifecycle management/4.0.4
version/ibm collaborative lifecycle management/4.0.5
version/ibm collaborative lifecycle management/4.0.6
version/ibm collaborative lifecycle management/4.0.7
version/ibm collaborative lifecycle management/5.0.0
version/ibm collaborative lifecycle management/5.0.1
version/ibm collaborative lifecycle management/5.0.2
version/ibm collaborative lifecycle management/6.0.0
version/ibm collaborative lifecycle management/6.0.1
canonical/ibm rational quality manager
version/ibm rational quality manager/3.0.1.6
version/ibm rational quality manager/4.0
version/ibm rational quality manager/4.0.0.1
version/ibm rational quality manager/4.0.0.2
version/ibm rational quality manager/4.0.1
version/ibm rational quality manager/4.0.2
version/ibm rational quality manager/4.0.3
version/ibm rational quality manager/4.0.4
version/ibm rational quality manager/4.0.5
version/ibm rational quality manager/4.0.6
version/ibm rational quality manager/4.0.7
version/ibm rational quality manager/5.0.0
version/ibm rational quality manager/5.0.1
version/ibm rational quality manager/5.0.2
version/ibm rational quality manager/6.0.0
version/ibm rational quality manager/6.0.1