Rational team concert

This hub aggregates every CVE we track for Rational team concert. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Rational team concert.

• CVE-2020-4989IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. ...4.3Mar 15, 2022
• CVE-2021-29701IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build def...4.3Jan 11, 2022
• CVE-2021-29844IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to net...8.8Oct 27, 2021
• CVE-2021-29786IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.6.5Oct 27, 2021
• CVE-2021-29774IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.7.5Oct 27, 2021
• CVE-2021-29713IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...5.4Oct 27, 2021
• CVE-2021-29673IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...5.4Oct 27, 2021
• CVE-2020-5004IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent...5.4Jul 28, 2021
• CVE-2020-4974IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to net...6.3Jul 28, 2021
• CVE-2021-20507IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended ...5.4Jul 19, 2021
• CVE-2020-5031IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended ...5.4Jul 19, 2021
• CVE-2021-20519IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...5.4Apr 12, 2021
• CVE-2020-4965IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.7.5Apr 12, 2021
• CVE-2020-4920IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit...5.4Apr 12, 2021
• CVE-2020-4964IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users...4.3Apr 12, 2021