CVE-2017-1559: Infoleak
First published: Fri Jul 06 2018(Updated: )
Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational Collaborative Lifecycle Management | >=6.0.0<=6.0.5 | |
| IBM Rational Collaborative Lifecycle Management | =5.0.1 | |
| IBM Rational Team Concert | >=6.0.0<=6.0.5 | |
| IBM Rational Team Concert | =5.0.1 | |
| IBM Rational DOORS Next Generation | >=6.0.0<=6.0.5 | |
| IBM Rational DOORS Next Generation | =5.0.1 | |
| IBM Rational Quality Manager | >=6.0.0<=6.0.5 | |
| IBM Rational Quality Manager | =5.0.1 | |
| IBM Rational Rhapsody Design Manager | >=6.0.0<=6.0.5 | |
| IBM Rational Rhapsody Design Manager | =5.0.1 | |
| IBM Rational Software Architect Design Manager | =5.0.1 | |
| IBM Rational Software Architect Design Manager | =6.0.0 | |
| IBM Rational Software Architect Design Manager | =6.0.1 | |
| IBM Rational Engineering Lifecycle Manager | >=6.0.0<=6.0.5 | |
| IBM Rational Engineering Lifecycle Manager | =5.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2017-1559.
What is the severity of CVE-2017-1559?
The severity of CVE-2017-1559 is medium with a CVSS score of 4.3.
Which IBM Rational products are affected by CVE-2017-1559?
IBM Rational Collaborative Lifecycle Management, IBM Rational Team Concert, IBM Rational DOORS Next Generation, IBM Rational Quality Manager, IBM Rational Rhapsody Design Manager, IBM Rational Software Architect Design Manager, and IBM Rational Engineering Lifecycle Manager are affected by CVE-2017-1559.
How could an attacker exploit CVE-2017-1559?
An attacker could exploit CVE-2017-1559 by intercepting vulnerable requests and disclosing sensitive information.
Is there a fix available for CVE-2017-1559?
Yes, it is recommended to apply the necessary security patches provided by IBM to fix CVE-2017-1559.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm rational collaborative lifecycle management
- version/ibm rational collaborative lifecycle management/6.0.0
- version/ibm rational collaborative lifecycle management/6.0.5
- version/ibm rational collaborative lifecycle management/5.0.1
- canonical/ibm rational team concert
- version/ibm rational team concert/6.0.0
- version/ibm rational team concert/6.0.5
- version/ibm rational team concert/5.0.1
- canonical/ibm rational doors next generation
- version/ibm rational doors next generation/6.0.0
- version/ibm rational doors next generation/6.0.5
- version/ibm rational doors next generation/5.0.1
- canonical/ibm rational quality manager
- version/ibm rational quality manager/6.0.0
- version/ibm rational quality manager/6.0.5
- version/ibm rational quality manager/5.0.1
- canonical/ibm rational rhapsody design manager
- version/ibm rational rhapsody design manager/6.0.0
- version/ibm rational rhapsody design manager/6.0.5
- version/ibm rational rhapsody design manager/5.0.1
- canonical/ibm rational software architect design manager
- version/ibm rational software architect design manager/5.0.1
- version/ibm rational software architect design manager/6.0.0
- version/ibm rational software architect design manager/6.0.1
- canonical/ibm rational engineering lifecycle manager
- version/ibm rational engineering lifecycle manager/6.0.0
- version/ibm rational engineering lifecycle manager/6.0.5
- version/ibm rational engineering lifecycle manager/5.0.1