IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10 5.0.x before 5.0.2 iFix15 6.0.x before 6.0.1 iFix5 and 6.0.2 before iFix2 Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10 5.0.x before 5.0.2 iFix15 6.0.x before 6.0.1 iFix5 and 6.0.2 before iFix2 Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10 5.0.x before 5.0.2 iFix15 6.0.x before 6.0.1 iFix5 and 6.0.2 before iFix2 Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10 Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10 5.0.x before 5.0.2 iFix15 6.0.x before 6.0.1 iFix5 and 6.0.2 before iFix2 Rational Engineering Lifecycle Manager (RELM) 4.0.3 4.0.4 4.0.5 4.0.6 4.0.7 before iFix1 5.0.x before 5.0.2 iFix1 and 6.0.x before 6.0.2 Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10 5.0.x before 5.0.2 iFix15 6.0.x before 6.0.1 iFix5 and 6.0.2 before iFix2 Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10 5.0.x before 5.0.2 iFix15 6.0.x before 6.0.1 iFix5 and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221.