CVE-2015-0113 : The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 thro

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request.

Published 2015-04-27 11:59:03

Updated 2025-04-12 10:46:41

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2015-0113

IBM » Rational Quality Manager » Version: 4.0.4
cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.3
cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.2
cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.1
cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0
cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.0.2
cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.0.1
cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.5
cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 4.0.7
cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 5.0.0
cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 5.0.1
cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Quality Manager » Version: 5.0.2
cpe:2.3:a:ibm:rational_quality_manager:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0
cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.1
cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.5
cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.2
cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.3
cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.4
cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.0.1
cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.0.2
cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.6
cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 5.0.1
cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 5.0.0
cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 5.0.2
cpe:2.3:a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Team Concert » Version: 4.0.7
cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.0
cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.1
cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.2
cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.4
cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.3
cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.5
cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.0.1
cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.0.2
cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.6
cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Rational Requirements Composer » Version: 4.0.7
cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.2
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.3
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.4
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.0
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.1
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.5
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.6
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 5.0
cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 4.0.7
cpe:2.3:a:ibm:rational_software_architect_design_manager:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 5.0.1
cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Software Architect Design Manager » Version: 5.0.2
cpe:2.3:a:ibm:rational_software_architect_design_manager:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.1
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.0
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.3
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.2
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.5
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.4
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.6
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 4.0.7
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 5.0.0
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 5.0.1
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Collaborative Lifecycle Management » Version: 5.0.2
cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.4
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.5
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.0
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.1
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.2
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.3
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.6
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 5.0.1
cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 5.0.2
cpe:2.3:a:ibm:rational_doors_next_generation:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Doors Next Generation » Version: 4.0.7
cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.1
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.2
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 5.0
cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.5
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.6
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.3
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.4
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 5.0.1
cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 5.0.2
cpe:2.3:a:ibm:rational_rhapsody_design_manager:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Rhapsody Design Manager » Version: 4.0.7
cpe:2.3:a:ibm:rational_rhapsody_design_manager:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 5.0
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 5.0.1
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 5.0.2
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:5.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 4.0.3
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 4.0.5
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 4.0.7
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 4.0.4
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Rational Engineering Lifecycle Manager » Version: 4.0.6
cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:4.0.6:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-0113

EPSS FAQ

0.23%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 42 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-0113

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2015-0113

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-0113

http://www-01.ibm.com/support/docview.wss?uid=swg21882770

IBM Security Bulletin: Vulnerability in Help system affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-0113)
Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2015-0113

Products affected by CVE-2015-0113

Exploit prediction scoring system (EPSS) score for CVE-2015-0113

CVSS scores for CVE-2015-0113

CWE ids for CVE-2015-0113

References for CVE-2015-0113