CVE-2017-1602 MEDIUM

CVE-2017-1602

Vendor Ibm
Product Rational Collaborative Lifecycle Management
Published March 23, 2018
Last update September 16, 2024

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/A:N/AC:L/AV:N/C:N/I:L/PR:L/S:U/UI:N

What the vulnerability does

01Description

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.

Key dates

02Disclosure timeline

March 23, 2018 CVE published
September 16, 2024 Record updated