CVE-2016-6040

Summary

IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationRational Collaborative Lifecycle Management3.0.1affected
IBM CorporationRational Collaborative Lifecycle Management4.0affected
IBM CorporationRational Collaborative Lifecycle Management3.0.1.6affected
IBM CorporationRational Collaborative Lifecycle Management4.0.1affected
IBM CorporationRational Collaborative Lifecycle Management4.0.2affected
IBM CorporationRational Collaborative Lifecycle Management4.0.3affected
IBM CorporationRational Collaborative Lifecycle Management4.0.4affected
IBM CorporationRational Collaborative Lifecycle Management4.0.5affected
IBM CorporationRational Collaborative Lifecycle Management4.0.6affected
IBM CorporationRational Collaborative Lifecycle Management5.0affected
IBM CorporationRational Collaborative Lifecycle Management4.0.7affected
IBM CorporationRational Collaborative Lifecycle Management5.0.1affected
IBM CorporationRational Collaborative Lifecycle Management5.0.2affected
IBM CorporationRational Collaborative Lifecycle Management6.0affected
IBM CorporationRational Collaborative Lifecycle Management6.0.1affected
IBM CorporationRational Collaborative Lifecycle Management6.0.2affected
IBM CorporationRational Collaborative Lifecycle Management6.0.3affected

Weaknesses

  • Bypass Security

ADP Enrichment

CVE Program Container

Additional References

References