What is the severity of CVE-2018-1762?

The severity of CVE-2018-1762 is medium with a CVSS score of 5.4.

How does CVE-2018-1762 affect IBM Rational Collaborative Lifecycle Management?

CVE-2018-1762 affects IBM Rational Collaborative Lifecycle Management versions 5.0 through 5.0.2 and 6.0 through 6.0.6 by making them vulnerable to cross-site scripting.

How can an attacker exploit CVE-2018-1762?

An attacker can exploit CVE-2018-1762 by embedding arbitrary JavaScript code in the Web UI of IBM Rational Collaborative Lifecycle Management, potentially leading to credentials disclosure.

How can I fix CVE-2018-1762?

To fix CVE-2018-1762, apply the necessary security patches provided by IBM.

Where can I find more information about CVE-2018-1762?

You can find more information about CVE-2018-1762 on the following references: BID 106053, IBM X-Force ID 148616, and IBM Support Document.

Vulnerability/
CVE-2018-1762

medium

5.4

CWE

27/11/2018

29/11/2018

16/9/2024

CVE-2018-1762: XSS

First published: Tue Nov 27 2018(Updated: )

IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148616.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Rational Collaborative Lifecycle Management	>=5.0.0<=6.0.6
IBM Rational DOORS Next Generation	>=5.0.0<=5.0.2
IBM Rational DOORS Next Generation	>=6.0.0<=6.0.6
IBM Rational Engineering Lifecycle Manager	>=5.0.0<=5.0.2
IBM Rational Engineering Lifecycle Manager	>=6.0.0<=6.0.6
IBM Rational Quality Manager	>=5.0.0<=5.0.2
IBM Rational Quality Manager	>=6.0.0<=6.0.6
IBM Rational Rhapsody Design Manager	>=5.0.0<=5.0.2
IBM Rational Rhapsody Design Manager	>=6.0.0<=6.0.6
IBM Rational Software Architect Design Manager	>=5.0.0<=5.0.2
IBM Rational Software Architect Design Manager	>=6.0.0<=6.0.1
IBM Rational Team Concert	>=5.0.0<=5.0.2
IBM Rational Team Concert	>=6.0.0<=6.0.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-1762?
The severity of CVE-2018-1762 is medium with a CVSS score of 5.4.
How does CVE-2018-1762 affect IBM Rational Collaborative Lifecycle Management?
CVE-2018-1762 affects IBM Rational Collaborative Lifecycle Management versions 5.0 through 5.0.2 and 6.0 through 6.0.6 by making them vulnerable to cross-site scripting.
How can an attacker exploit CVE-2018-1762?
An attacker can exploit CVE-2018-1762 by embedding arbitrary JavaScript code in the Web UI of IBM Rational Collaborative Lifecycle Management, potentially leading to credentials disclosure.
How can I fix CVE-2018-1762?
To fix CVE-2018-1762, apply the necessary security patches provided by IBM.
Where can I find more information about CVE-2018-1762?
You can find more information about CVE-2018-1762 on the following references: BID 106053, IBM X-Force ID 148616, and IBM Support Document.

collector/nvd-index
agent/weakness
agent/severity
agent/references
agent/author
agent/description
agent/type
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm rational collaborative lifecycle management
version/ibm rational collaborative lifecycle management/5.0.0
version/ibm rational collaborative lifecycle management/6.0.6
canonical/ibm rational doors next generation
version/ibm rational doors next generation/5.0.0
version/ibm rational doors next generation/5.0.2
version/ibm rational doors next generation/6.0.0
version/ibm rational doors next generation/6.0.6
canonical/ibm rational engineering lifecycle manager
version/ibm rational engineering lifecycle manager/5.0.0
version/ibm rational engineering lifecycle manager/5.0.2
version/ibm rational engineering lifecycle manager/6.0.0
version/ibm rational engineering lifecycle manager/6.0.6
canonical/ibm rational quality manager
version/ibm rational quality manager/5.0.0
version/ibm rational quality manager/5.0.2
version/ibm rational quality manager/6.0.0
version/ibm rational quality manager/6.0.6
canonical/ibm rational rhapsody design manager
version/ibm rational rhapsody design manager/5.0.0
version/ibm rational rhapsody design manager/5.0.2
version/ibm rational rhapsody design manager/6.0.0
version/ibm rational rhapsody design manager/6.0.6
canonical/ibm rational software architect design manager
version/ibm rational software architect design manager/5.0.0
version/ibm rational software architect design manager/5.0.2
version/ibm rational software architect design manager/6.0.0
version/ibm rational software architect design manager/6.0.1
canonical/ibm rational team concert
version/ibm rational team concert/5.0.0
version/ibm rational team concert/5.0.2
version/ibm rational team concert/6.0.0
version/ibm rational team concert/6.0.6