Vulnerability Description
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Rational Engineering Lifecycle Manager | >= 3.0, <= 3.0.1.6 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21983720PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/108619VDB EntryVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21983720PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/108619VDB EntryVendor Advisory
FAQ
What is CVE-2015-7484?
CVE-2015-7484 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive inf...
How severe is CVE-2015-7484?
CVE-2015-7484 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7484?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Rational Engineering Lifecycle Manager.