Description

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors.

Remediation

References

CVE-2014-6129

Related Vulnerabilities

Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)

WordPress Plugin Compfight Cross-Site Scripting (1.4)

Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1)

GlassFish Observable Discrepancy Vulnerability (CVE-2013-1620)

WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)

Severity

Medium

Classification

CVE-2014-6129 CWE-264

Tags

Missing Update Known Vulnerabilities