CVE Vulnerabilities

CVE-2015-7469

Published: Jan 17, 2016 | Modified: Jan 21, 2016
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended read-only restrictions by leveraging a JazzGuest role.

Affected Software

Name Vendor Start Version End Version
Jazz_reporting_service Ibm 5.0 (including) 5.0 (including)
Jazz_reporting_service Ibm 5.0.1 (including) 5.0.1 (including)
Jazz_reporting_service Ibm 5.0.2 (including) 5.0.2 (including)
Jazz_reporting_service Ibm 6.0 (including) 6.0 (including)

References