CVE-2018-1694 vulnerability in IBM Products
Published on November 6, 2018

IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609.

NVD

Products Associated with CVE-2018-1694

Want to know whenever a new CVE is published for IBM products? stack.watch will email you.

IBM Rational Collaborative Lifecycle Management

IBM Rational Doors Next Generation

IBM Rational Engineering Lifecycle Manager

IBM Rational Quality Manager

IBM Rational Rhapsody Design Manager

IBM Rational Software Architect Design Manager

IBM Rational Team Concert

Affected Versions

IBM Rational Team Concert:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

IBM Rational Software Architect Design Manager:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

IBM Rational DOORS Next Generation:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

IBM Rational Collaborative Lifecycle Management:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

IBM Rational Rhapsody Design Manager:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

IBM Rational Quality Manager:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

IBM Rational Engineering Lifecycle Manager:

Version 5.0 is affected.
Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.
Version 5.01 is affected.
Version 5.02 is affected.

Exploit Probability

EPSS

0.27%

Percentile

49.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1694 vulnerability in IBM ProductsPublished on November 6, 2018

Products Associated with CVE-2018-1694

Affected Versions

Exploit Probability

CVE-2018-1694 vulnerability in IBM Products
Published on November 6, 2018