IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| IBM | Rational Team Concert | affected |
|
|||||||||||||||||||||||||||||||||
| IBM | Rational Software Architect Design Manager | affected |
|
|||||||||||||||||||||||||||||||||
| IBM | Rational DOORS Next Generation | affected |
|
|||||||||||||||||||||||||||||||||
| IBM | Rational Collaborative Lifecycle Management | affected |
|
|||||||||||||||||||||||||||||||||
| IBM | Rational Rhapsody Design Manager | affected |
|
|||||||||||||||||||||||||||||||||
| IBM | Rational Quality Manager | affected |
|
|||||||||||||||||||||||||||||||||
| IBM | Rational Engineering Lifecycle Manager | affected |
|
Configuration 1 [-]
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Ibm
Subscribe
|
Rational Collaborative Lifecycle Management
Subscribe
Rational Doors Next Generation
Subscribe
Rational Engineering Lifecycle Manager
Subscribe
Rational Quality Manager
Subscribe
Rational Rhapsody Design Manager
Subscribe
Rational Software Architect Design Manager
Subscribe
Rational Team Concert
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2018-12273 | IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 11 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2024-09-17T00:40:43.367Z
Reserved: 2017-12-13T00:00:00
Link: CVE-2018-1694
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-11-06T16:29:00.737
Modified: 2024-11-21T04:00:12.873
Link: CVE-2018-1694
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses