CVE-2017-1725: Infoleak
First published: Tue Apr 24 2018(Updated: )
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) contain an undisclosed vulnerability with the potential for information disclosure. IBM X-Force ID: 134820.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Collaborative Lifecycle Management | >5.0<=6.0.5 | |
| IBM Engineering Requirements Management DOORS Next Generation | >=5.0<=5.0.2 | |
| IBM Engineering Requirements Management DOORS Next Generation | >=6.0<=6.0.5 | |
| IBM Engineering Lifecycle Manager | >=5.0<=5.0.2 | |
| IBM Engineering Lifecycle Manager | >=6.0<=6.0.5 | |
| IBM Rational Quality Manager | >=5.0<=5.0.2 | |
| IBM Rational Quality Manager | >=6.0<=6.0.5 | |
| IBM Rational Rhapsody | >=5.0<=5.0.2 | |
| IBM Rational Rhapsody | >=6.0<=6.0.5 | |
| IBM Rational Software Architect | >=5.0<=5.0.2 | |
| IBM Rational Software Architect | >=6.0<=6.0.1 | |
| IBM Rational Team Concert | >=5.0<=5.0.2 | |
| IBM Rational Team Concert | >=6.0<=6.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-1725?
The severity of CVE-2017-1725 is medium with a CVSS score of 4.3.
Which IBM Rational products are affected by CVE-2017-1725?
IBM Jazz Team Server affects the following IBM Rational products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody), and Rational Software Architect Design Manager.
How can I mitigate the vulnerability in IBM Rational Collaborative Lifecycle Management (CLM)?
To mitigate the vulnerability in IBM Rational Collaborative Lifecycle Management (CLM), upgrade to a version between 5.0 to 6.0.5.
What should I do to fix the vulnerability in IBM Rational DOORS Next Generation?
To fix the vulnerability in IBM Rational DOORS Next Generation, upgrade to a version between 5.0 to 6.0.5.
Is IBM Rational Team Concert affected by CVE-2017-1725?
Yes, IBM Rational Team Concert is affected by CVE-2017-1725. It is recommended to upgrade to a version between 5.0 to 6.0.5 to mitigate the vulnerability.
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/description
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm collaborative lifecycle management
- version/ibm collaborative lifecycle management/6.0.5
- canonical/ibm engineering requirements management doors next generation
- version/ibm engineering requirements management doors next generation/5.0
- version/ibm engineering requirements management doors next generation/5.0.2
- version/ibm engineering requirements management doors next generation/6.0
- version/ibm engineering requirements management doors next generation/6.0.5
- canonical/ibm engineering lifecycle manager
- version/ibm engineering lifecycle manager/5.0
- version/ibm engineering lifecycle manager/5.0.2
- version/ibm engineering lifecycle manager/6.0
- version/ibm engineering lifecycle manager/6.0.5
- canonical/ibm rational quality manager
- version/ibm rational quality manager/5.0
- version/ibm rational quality manager/5.0.2
- version/ibm rational quality manager/6.0
- version/ibm rational quality manager/6.0.5
- canonical/ibm rational rhapsody
- version/ibm rational rhapsody/5.0
- version/ibm rational rhapsody/5.0.2
- version/ibm rational rhapsody/6.0
- version/ibm rational rhapsody/6.0.5
- canonical/ibm rational software architect
- version/ibm rational software architect/5.0
- version/ibm rational software architect/5.0.2
- version/ibm rational software architect/6.0
- version/ibm rational software architect/6.0.1
- canonical/ibm rational team concert
- version/ibm rational team concert/5.0
- version/ibm rational team concert/5.0.2
- version/ibm rational team concert/6.0
- version/ibm rational team concert/6.0.5