Arbitrary OS Command Execution in IBM Rational Quality Manager and Rational Collaborative Lifecycle Management
CVE-2016-0326 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS commands via a crafted "HTML request."
Learn more about our Code Quality Review.