What is CVE-2016-0326?

CVE-2016-0326 is a high-severity vulnerability in Ibm Rational_collaborative_lifecycle_management, classified under Command Injection. CVSS score: 8.8/10. Published 2016-10-22.

How severe is CVE-2016-0326?

High severity. CVSS v3 base score is 8.8 out of 10.

RCE in Ibm Rational_collaborative_lifecycle_management

CVE-2016-0326

IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.009 (76.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Ibm Rational_collaborative_lifecycle_management — versions 4.0.0, 4.0.1, 4.0.2
Ibm Rational_quality_manager — versions 3.0.1.6, 4.0, 4.0.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-77 — Command Injection

References

93824 (vdb-entry, x_refsource_BID)
psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2016-0326?: CVE-2016-0326 is a high-severity vulnerability in Ibm Rational_collaborative_lifecycle_management, classified under Command Injection. CVSS score: 8.8/10. Published 2016-10-22.
How severe is CVE-2016-0326?: High severity. CVSS v3 base score is 8.8 out of 10.