What is CVE-2016-3014?

CVE-2016-3014 is a medium-severity vulnerability in Ibm Rational_collaborative_lifecycle_management, classified under Cross-site Scripting. CVSS score: 5.4/10. Published 2016-11-30.

How severe is CVE-2016-3014?

Medium severity. CVSS v3 base score is 5.4 out of 10.

XSS in Ibm Rational_collaborative_lifecycle_management

CVE-2016-3014

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Co…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.007 (72.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N.

Affected products

Ibm Rational_collaborative_lifecycle_management — versions 4.0.0, 4.0.1, 4.0.2
Ibm Rational_doors_next_generation — versions 4.0.0, 4.0.1, 4.0.2
Ibm Rational_engineering_lifecycle_manager — versions 4.0.0, 4.0.1, 4.0.2
Ibm Rational_quality_manager — versions 4.0.0, 4.0.1, 4.0.2
Ibm Rational_rhapsody_design_manager — versions 4.0, 4.0.1, 4.0.2
Ibm Rational_software_architect_design_manager — versions 4.0.0, 4.0.1, 4.0.2
Ibm Rational_team_concert — versions 4.0.0, 4.0.1, 4.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

1037026 (vdb-entry, x_refsource_SECTRACK)
93515 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
1037025 (vdb-entry, x_refsource_SECTRACK)
1037028 (vdb-entry, x_refsource_SECTRACK)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
1037027 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-3014?: CVE-2016-3014 is a medium-severity vulnerability in Ibm Rational_collaborative_lifecycle_management, classified under Cross-site Scripting. CVSS score: 5.4/10. Published 2016-11-30.
How severe is CVE-2016-3014?: Medium severity. CVSS v3 base score is 5.4 out of 10.