Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
IBM RTC Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2016-0325 - Vulnerability Database
IBM RTC

IBM RTC Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2016-0325

Medium
Reference: CVE-2016-0325
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-0325
Title: IBM RTC Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:

IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8 4.0 before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 Rational Quality Manager 3.0.1.6 before iFix8 4.0 before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 Rational Team Concert 3.0.1.6 before iFix8 4.0 before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11 5.0 before 5.0.2 iFix18 and 6.0 before 6.0.2 iFix5 allow remote authenticated users to execute arbitrary OS commands via a crafted request.