Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Engineering Lifecycle Manager (RELM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; Rational Rhapsody Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1; and Rational Software Architect Design Manager (DM) 4.x through 4.0.7, 5.x through 5.0.2, and 6.x before 6.0.1 uses weak permissions for unspecified project areas, which allows remote authenticated users to obtain sensitive information via unknown vectors.
                
            References
                    | Link | Resource | 
|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21973404 | Vendor Advisory | 
| http://www-01.ibm.com/support/docview.wss?uid=swg21973404 | Vendor Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
Configuration 2 (hide)
| 
 | 
Configuration 3 (hide)
| 
 | 
Configuration 4 (hide)
| 
 | 
Configuration 5 (hide)
| 
 | 
Configuration 6 (hide)
| 
 | 
Configuration 7 (hide)
| 
 | 
Configuration 8 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2016-01-03 05:59
Updated : 2025-04-12 10:46
NVD link : CVE-2015-4962
Mitre link : CVE-2015-4962
CVE.ORG link : CVE-2015-4962
JSON object : View
Products Affected
                ibm
- rational_engineering_lifecycle_manager
- rational_collaborative_lifecycle_management
- rational_doors_next_generation
- rational_team_concert
- rational_rhapsody_design_manager
- rational_requirements_composer
- rational_quality_manager
- rational_software_architect_design_manager
CWE
                
                    
                        
                        CWE-200
                        
            Exposure of Sensitive Information to an Unauthorized Actor
