Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

IBM RTC

Rational Team Concert is a team collaboration tool that is built on a scalable extensible platform. Rational Team Concert uses the Change and Configuration Management (CCM) application to provide features that integrate development project tasks including iteration planning process definition change management defect tracking source control build automation and reporting.

Official Site:

https://www.ibm.com/support/knowledgecenter/SSYMRC_6.0.4/com.ibm.team.concert.doc/topics/c_product-overview.html

Severity Summary:

High: 9 Medium: 129 Low: 11
Reference
Title
Severity
CVE-2017-1103
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability
High
CVE-2017-1701
IBM RTC Inadequate Encryption Strength Vulnerability
High
CVE-2020-4965
IBM RTC Inadequate Encryption Strength Vulnerability
High
CVE-2021-20502
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability
High
CVE-2016-9707
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability
High
CVE-2021-29774
IBM RTC Improper Privilege Management Vulnerability
High
CVE-2015-7440
IBM RTC Permissions Privileges and Access Controls Vulnerability
High
CVE-2021-29844
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2019-4252
IBM RTC Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2016-2926
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-4975
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-7453
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-7471
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-2864
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-4856
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-4857
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-1971
IBM RTC Vulnerability
Medium
CVE-2020-4863
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-1928
IBM RTC Improper Input Validation Vulnerability
Medium
CVE-2020-4866
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-2986
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-20340
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-20350
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-20351
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-0113
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-9700
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-4544
IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability
Medium
CVE-2020-4487
IBM RTC Generation of Error Message Containing Sensitive Information
Medium
CVE-2020-4691
IBM RTC Cross-site Scripting (XSS) Vulnerability
Medium
CVE-2020-4697
IBM RTC Cross-site Scripting (XSS) Vulnerability
Medium