CVE-2017-1602
UnknownEPSS 1.23%
Last modified
CVE-2017-1602 is a vulnerability of currently unknown severity. IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.. EPSS estimates a 1.23% chance of exploitation in the next 30 days.
Description
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Rational Collaborative Lifecycle Management | >= 4.0.0, <= 6.0.5 |
| Ibm | Rational Quality Manager | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Quality Manager | >= 6.0.0, <= 6.0.5 |
| Ibm | Rational Quality Manager | 5.0.0 |
| Ibm | Rational Quality Manager | 5.0.1 |
| Ibm | Rational Quality Manager | 5.0.2 |
| Ibm | Rational Team Concert | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Team Concert | >= 6.0.0, <= 6.0.5 |
| Ibm | Rational Team Concert | 5.0.0 |
| Ibm | Rational Team Concert | 5.0.1 |
| Ibm | Rational Team Concert | 5.0.2 |
| Ibm | Rational Doors Next Generation | >= 4.0.1, <= 4.0.7 |
| Ibm | Rational Doors Next Generation | >= 6.0.0, <= 6.0.5 |
| Ibm | Rational Doors Next Generation | 5.0.0 |
| Ibm | Rational Doors Next Generation | 5.0.1 |
| Ibm | Rational Doors Next Generation | 5.0.2 |
| Ibm | Rational Engineering Lifecycle Manager | >= 4.0.3, <= 4.0.7 |
| Ibm | Rational Engineering Lifecycle Manager | >= 6.0.0, <= 6.0.5 |
| Ibm | Rational Engineering Lifecycle Manager | 5.0.0 |
| Ibm | Rational Engineering Lifecycle Manager | 5.0.1 |
| Ibm | Rational Engineering Lifecycle Manager | 5.0.2 |
| Ibm | Rational Rhapsody Design Manager | >= 4.0, <= 4.0.7 |
| Ibm | Rational Rhapsody Design Manager | >= 6.0.0, <= 6.0.5 |
| Ibm | Rational Rhapsody Design Manager | 5.0.0 |
| Ibm | Rational Rhapsody Design Manager | 5.0.1 |
| Ibm | Rational Rhapsody Design Manager | 5.0.2 |
| Ibm | Rational Software Architect Design Manager | >= 4.0.0, <= 4.0.7 |
| Ibm | Rational Software Architect Design Manager | 5.0.0 |
| Ibm | Rational Software Architect Design Manager | 5.0.1 |
| Ibm | Rational Software Architect Design Manager | 5.0.2 |
| Ibm | Rational Software Architect Design Manager | 6.0.0 |
| Ibm | Rational Software Architect Design Manager | 6.0.1 |
References
- http://www.ibm.com/support/docview.wss?uid=swg22014815Patch, Vendor Advisory
- http://www.securityfocus.com/bid/103477Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/132625VDB Entry, Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22014815Patch, Vendor Advisory
- http://www.securityfocus.com/bid/103477Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/132625VDB Entry, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-1602?
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.
How severe is CVE-2017-1602?
Severity scoring for CVE-2017-1602 is pending analysis. The EPSS model estimates a 1.23% probability of exploitation in the next 30 days.
How do I fix CVE-2017-1602?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2017-1602?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST