CVE-2017-1191
UnknownEPSS 0.74%
Last modified
CVE-2017-1191 is a vulnerability of currently unknown severity. An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. IBM X-Force ID: 123661.. EPSS estimates a 0.74% chance of exploitation in the next 30 days.
Description
An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. IBM X-Force ID: 123661.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Rational Collaborative Lifecycle Management | >= 4.0.0, <= 6.0.4 |
| Ibm | Rational Quality Manager | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Quality Manager | >= 5.0.0, <= 5.0.2 |
| Ibm | Rational Quality Manager | >= 6.0.0, <= 6.0.4 |
| Ibm | Rational Team Concert | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Team Concert | >= 5.0.0, <= 5.0.2 |
| Ibm | Rational Team Concert | >= 6.0.0, <= 6.0.4 |
| Ibm | Rational Doors Next Generation | >= 4.0.1, <= 4.0.7 |
| Ibm | Rational Doors Next Generation | >= 5.0.0, <= 5.0.2 |
| Ibm | Rational Doors Next Generation | >= 6.0.0, <= 6.0.4 |
| Ibm | Rational Engineering Lifecycle Manager | >= 4.0.3, <= 4.0.7 |
| Ibm | Rational Engineering Lifecycle Manager | >= 5.0.0, <= 5.0.2 |
| Ibm | Rational Engineering Lifecycle Manager | >= 6.0.0, <= 6.0.4 |
| Ibm | Rational Rhapsody Design Manager | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Rhapsody Design Manager | >= 5.0.0, <= 5.0.2 |
| Ibm | Rational Rhapsody Design Manager | >= 6.0.0, <= 6.0.4 |
| Ibm | Rational Software Architect Design Manager | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Software Architect Design Manager | 5.0.0 |
| Ibm | Rational Software Architect Design Manager | 5.0.1 |
| Ibm | Rational Software Architect Design Manager | 5.0.2 |
| Ibm | Rational Software Architect Design Manager | 6.0.0 |
| Ibm | Rational Software Architect Design Manager | 6.0.1 |
References
- http://www.ibm.com/support/docview.wss?uid=swg22011815Issue Tracking, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/123661Issue Tracking, VDB Entry, Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22011815Issue Tracking, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/123661Issue Tracking, VDB Entry, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-1191?
An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. IBM X-Force ID: 123661.
How severe is CVE-2017-1191?
Severity scoring for CVE-2017-1191 is pending analysis. The EPSS model estimates a 0.74% probability of exploitation in the next 30 days.
How do I fix CVE-2017-1191?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2017-1191?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST