VIR Vulnerability Intelligence Relay

CVE-2016-2981

medium
Published 2017-03-20 · Modified 2026-05-13
CVSS v3
6.8
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2
2.1
VIR risk
6.8

Description

An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.

Predictions

Exploit likelihood
67%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: nvd@nist.gov — https://exchange.xforce.ibmcloud.com/vulnerabilities/113994?cm_mc_uid=06394756914614889387221&cm_mc_sid_50200000=1490229077

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/support/docview.wss?uid=swg21999965

Application impact
VendorProductVersionsFixed
ibmrational_collaborative_lifecycle_management4.0
ibmrational_collaborative_lifecycle_management4.0.1
ibmrational_collaborative_lifecycle_management4.0.2
ibmrational_collaborative_lifecycle_management4.0.3
ibmrational_collaborative_lifecycle_management4.0.4
ibmrational_collaborative_lifecycle_management4.0.5
ibmrational_collaborative_lifecycle_management4.0.6
ibmrational_collaborative_lifecycle_management4.0.7
ibmrational_collaborative_lifecycle_management5.0
ibmrational_collaborative_lifecycle_management5.0.1
ibmrational_collaborative_lifecycle_management5.0.2
ibmrational_collaborative_lifecycle_management6.0
ibmrational_collaborative_lifecycle_management6.0.1
ibmrational_collaborative_lifecycle_management6.0.2
ibmrational_collaborative_lifecycle_management6.0.3

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.