CVE-2014-0862

Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21664566	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/90895
http://www-01.ibm.com/support/docview.wss?uid=swg21664566	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/90895

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.0:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.1:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.2:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.3:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.4:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.5:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:::::::*
	cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:::::::*

History

21 Nov 2024, 02:02

Type	Values Removed	Values Added
References	~~() http://www-01.ibm.com/support/docview.wss?uid=swg21664566 - Vendor Advisory~~	() http://www-01.ibm.com/support/docview.wss?uid=swg21664566 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/90895 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/90895 -

Information

Published : 2014-03-02 04:57

Updated : 2025-04-12 10:46

NVD link : CVE-2014-0862

Mitre link : CVE-2014-0862

CVE.ORG link : CVE-2014-0862

JSON object : View

Products Affected

ibm

rational_collaborative_lifecycle_management

CWE

NVD-CWE-noinfo

{"id": "CVE-2014-0862", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-03-02T04:57:25.777", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664566", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90895", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664566", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90895", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Jazz Team Server en IBM Rational Collaborative Lifecycle Management (CLM) 3.x anterior a 3.0.1.6 iFix 2 y 4.x anterior a 4.0.6 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D9641F4-846F-4FB0-BE40-F30972C87D7F"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E21B53E-28C2-4930-88F3-3AADD1BF31B5"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF2CAB1D-B5AB-42D2-8F35-52C6F64EC0FF"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71816D92-AC01-4F7D-A878-7280175BB422"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88D17CA5-2B63-4914-9DBF-5861F69B5238"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D3B001F-0031-4BED-9A49-B9589EC9E5CE"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8CED8F4-22A6-4945-A21F-0D399BE661F7"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2FA0B68-62BE-45B5-A359-1F922BEA587C"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6C66DD3-20D9-4B47-AFA4-0BA789A973FF"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F4A9A99-C26E-4476-934E-24AADFBDB8B4"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A73A4517-CA0C-4C11-BD22-47F53DFBD7B3"}, {"criteria": "cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C22AC9CB-44C3-43E1-B29A-3D06A421E51D"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}

10.0 /10