|Date: (C)2012-10-01 (M)2017-08-29|
|CVSS Score: 6.8||Access Vector: NETWORK|
|Exploitability Subscore: 8.6||Access Complexity: MEDIUM|
|Impact Subscore: 6.4||Authentication: NONE|
| ||Confidentiality: PARTIAL|
| ||Integrity: PARTIAL|
| ||Availability: PARTIAL|
Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 126.96.36.199 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items.