CVE-2017-1191

An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. IBM X-Force ID: 123661.

Published: Dec 27, 2017
Updated: Nov 9, 2025
CVE: CVE-2017-1191
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / rational_collaborative_lifecycle_management	4.0.0	6.0.4.x
ibm / rational_quality_manager	6.0.0	6.0.4.x
ibm / rational_quality_manager	5.0.0	5.0.2.x
ibm / rational_quality_manager	4.0.0	4.0.7.x
ibm / rational_team_concert	4.0.0	4.0.7.x
ibm / rational_team_concert	5.0.0	5.0.2.x
ibm / rational_team_concert	6.0.0	6.0.4.x
ibm / rational_doors_next_generation	4.0.1	4.0.7.x
ibm / rational_doors_next_generation	5.0.0	5.0.2.x
ibm / rational_doors_next_generation	6.0.0	6.0.4.x
ibm / rational_engineering_lifecycle_manager	4.0.3	4.0.7.x
ibm / rational_engineering_lifecycle_manager	5.0.0	5.0.2.x
ibm / rational_engineering_lifecycle_manager	6.0.0	6.0.4.x
ibm / rational_rhapsody_design_manager	4.0.0	4.0.7.x
ibm / rational_rhapsody_design_manager	5.0.0	5.0.2.x
ibm / rational_rhapsody_design_manager	6.0.0	6.0.4.x
ibm / rational_software_architect_design_manager	5.0.1	5.0.1.x
ibm / rational_software_architect_design_manager	5.0.0	5.0.0.x
ibm / rational_software_architect_design_manager	5.0.2	5.0.2.x
ibm / rational_software_architect_design_manager	6.0.0	6.0.0.x
ibm / rational_software_architect_design_manager	6.0.1	6.0.1.x
ibm / rational_software_architect_design_manager	4.0.0	4.0.7.x

Vulnerability Database

300,445

CVE-2017-1191

Deep Security Visibility Without the Complexity