Vulnerability Details CVE-2015-7484
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.0%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
Products affected by CVE-2015-7484
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:*
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.0
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.1
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.2
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6
-
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7