What is the severity of CVE-2021-29774?

The severity of CVE-2021-29774 is high.

Which products are affected by CVE-2021-29774?

IBM CLM, IBM ELM, IBM Engineering Requirements Quality Assistant, IBM Engineering Requirements Quality Assistant On-Premises, IBM EWM, IBM RTC, IBM Engineering Systems Design Rhapsody, IBM DOORS Next, IBM RDNG, IBM Engineering Lifecycle Optimization, IBM Engineering Workflow Management, and IBM Rational Collaborative Lifecycle Management are affected by CVE-2021-29774.

What is IBM X-Force ID for CVE-2021-29774?

The IBM X-Force ID for CVE-2021-29774 is 203025.

Where can I find more information about CVE-2021-29774?

You can find more information about CVE-2021-29774 on the IBM X-Force ID page: https://exchange.xforce.ibmcloud.com/vulnerabilities/203025.

Vulnerability/
CVE-2021-29774

high

7.5

25/10/2021

27/10/2021

17/9/2024

CVE-2021-29774

Q: What is the description of CVE-2021-29774?

CVE-2021-29774 is a vulnerability that could allow an authenticated user to obtain elevated privileges under certain configurations in IBM Jazz Team Server products.

First published: Mon Oct 25 2021(Updated: )

IBM Engineering Requirements Quality Assistant could allow an authenticated user to obtain elevated privileges under certain configurations.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM CLM	<=6.0.6.1
IBM CLM	<=6.0.6
IBM ELM	<=7.0.2
IBM ELM	<=7.0
IBM ELM	<=7.0.1
IBM Engineering Requirements Quality Assistant	<=1.0
IBM Engineering Requirements Quality Assistant On-Premises	<=All
IBM EWM	<=7.0.2
IBM EWM	<=7.0.1
IBM RTC	<=6.0.2
IBM RTC	<=6.0.6.1
IBM EWM	<=7.0
IBM RTC	<=6.0.6
IBM Engineering Systems Design Rhapsody	<=All
IBM DOORS Next	<=7.0.2
IBM DOORS Next	<=7.0
IBM DOORS Next	<=7.0.1
IBM RDNG	<=6.0.6.1
IBM RDNG	<=6.0.6
IBM Engineering Lifecycle Optimization	=7.0.1
IBM Engineering Lifecycle Optimization	=7.0.2
IBM Engineering Workflow Management	=6.0.6
IBM Engineering Workflow Management	=6.0.6.1
IBM Engineering Workflow Management	=7.0
IBM Engineering Workflow Management	=7.0.1
IBM Engineering Workflow Management	=7.0.2
IBM Rational Collaborative Lifecycle Management	=6.0.6
IBM Rational Collaborative Lifecycle Management	=6.0.6.1
IBM Rational DOORS Next Generation	=6.0.2
IBM Rational DOORS Next Generation	=6.0.6
IBM Rational DOORS Next Generation	=6.0.6.1
IBM Rational DOORS Next Generation	=7.0
IBM Rational Engineering Lifecycle Manager	=6.0.6
IBM Rational Engineering Lifecycle Manager	=6.0.6.1
IBM Rational Engineering Lifecycle Manager	=7.0
IBM Rational Engineering Lifecycle Manager	=7.0.1
IBM Rational Engineering Lifecycle Manager	=7.0.2
IBM Rational Team Concert	=6.0.2
IBM Rational Team Concert	=6.0.6
IBM Rational Team Concert	=6.0.6.1
IBM Rational Team Concert	=7.0

Remedy

https://www.ibm.com/support/pages/node/6508583

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6508583

Frequently Asked Questions

What is the severity of CVE-2021-29774?
The severity of CVE-2021-29774 is high.
Which products are affected by CVE-2021-29774?
IBM CLM, IBM ELM, IBM Engineering Requirements Quality Assistant, IBM Engineering Requirements Quality Assistant On-Premises, IBM EWM, IBM RTC, IBM Engineering Systems Design Rhapsody, IBM DOORS Next, IBM RDNG, IBM Engineering Lifecycle Optimization, IBM Engineering Workflow Management, and IBM Rational Collaborative Lifecycle Management are affected by CVE-2021-29774.
What is IBM X-Force ID for CVE-2021-29774?
The IBM X-Force ID for CVE-2021-29774 is 203025.
What is the description of CVE-2021-29774?
CVE-2021-29774 is a vulnerability that could allow an authenticated user to obtain elevated privileges under certain configurations in IBM Jazz Team Server products.
Where can I find more information about CVE-2021-29774?
You can find more information about CVE-2021-29774 on the IBM X-Force ID page: https://exchange.xforce.ibmcloud.com/vulnerabilities/203025.

agent/references
agent/type
agent/last-modified-date
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/remedy
agent/severity
agent/author
agent/softwarecombine
agent/event
agent/description
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/tags
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm engineering lifecycle optimization
version/ibm engineering lifecycle optimization/7.0.1
version/ibm engineering lifecycle optimization/7.0.2
canonical/ibm engineering workflow management
version/ibm engineering workflow management/6.0.6
version/ibm engineering workflow management/6.0.6.1
version/ibm engineering workflow management/7.0
version/ibm engineering workflow management/7.0.1
version/ibm engineering workflow management/7.0.2
canonical/ibm rational collaborative lifecycle management
version/ibm rational collaborative lifecycle management/6.0.6
version/ibm rational collaborative lifecycle management/6.0.6.1
canonical/ibm rational doors next generation
version/ibm rational doors next generation/6.0.2
version/ibm rational doors next generation/6.0.6
version/ibm rational doors next generation/6.0.6.1
version/ibm rational doors next generation/7.0
canonical/ibm rational engineering lifecycle manager
version/ibm rational engineering lifecycle manager/6.0.6
version/ibm rational engineering lifecycle manager/6.0.6.1
version/ibm rational engineering lifecycle manager/7.0
version/ibm rational engineering lifecycle manager/7.0.1
version/ibm rational engineering lifecycle manager/7.0.2
canonical/ibm rational team concert
version/ibm rational team concert/6.0.2
version/ibm rational team concert/6.0.6
version/ibm rational team concert/6.0.6.1
version/ibm rational team concert/7.0
canonical/ibm clm
version/ibm clm/6.0.6.1
version/ibm clm/6.0.6
canonical/ibm elm
version/ibm elm/7.0.2
version/ibm elm/7.0
version/ibm elm/7.0.1
canonical/ibm engineering requirements quality assistant
version/ibm engineering requirements quality assistant/1.0
canonical/ibm engineering requirements quality assistant on-premises
version/ibm engineering requirements quality assistant on-premises/all
canonical/ibm ewm
version/ibm ewm/7.0.2
version/ibm ewm/7.0.1
canonical/ibm rtc
version/ibm rtc/6.0.2
version/ibm rtc/6.0.6.1
version/ibm ewm/7.0
version/ibm rtc/6.0.6
canonical/ibm engineering systems design rhapsody
version/ibm engineering systems design rhapsody/all
canonical/ibm doors next
version/ibm doors next/7.0.2
version/ibm doors next/7.0
version/ibm doors next/7.0.1
canonical/ibm rdng
version/ibm rdng/6.0.6.1
version/ibm rdng/6.0.6