Vulnerability Description
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Rational Doors Next Generation | 4.0.0 |
| Ibm | Rational Requirements Composer | 2.0 |
| Ibm | Rational Collaborative Lifecycle Management | 3.0.0 |
| Ibm | Rational Team Concert | 2.0.0.1 |
| Ibm | Rational Quality Manager | 2.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21698247PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21698247PatchVendor Advisory
FAQ
What is CVE-2014-6131?
CVE-2014-6131 is a vulnerability with a CVSS score of 4.0 (MEDIUM). IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1...
How severe is CVE-2014-6131?
CVE-2014-6131 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6131?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Rational Doors Next Generation, Ibm Rational Requirements Composer, Ibm Rational Collaborative Lifecycle Management, Ibm Rational Team Concert, Ibm Rational Quality Manager.