What is the severity of CVE-2008-5329?

CVE-2008-5329 is considered to have a medium severity because it allows remote servers to manipulate client submissions and database changes.

How do I fix CVE-2008-5329?

To fix CVE-2008-5329, limit the JTLRMIREGISTRYSERVERS entries in the jtl.properties file to trusted server identifiers.

What versions of IBM Rational ClearQuest are affected by CVE-2008-5329?

CVE-2008-5329 affects IBM Rational ClearQuest versions 7.0.0.0 to 7.1 inclusive.

Can CVE-2008-5329 be exploited remotely?

Yes, CVE-2008-5329 can be exploited remotely, allowing attackers to redirect client submissions to arbitrary databases.

Is there a patch available for CVE-2008-5329?

IBM provides updates to address CVE-2008-5329, and users should ensure they are running the latest version of ClearQuest.

Vulnerability/
CVE-2008-5329

high

7.5

CWE

NVD-CWE-Other

5/12/2008

7/8/2024

CVE-2008-5329

First published: Fri Dec 05 2008(Updated: )

ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTLRMIREGISTRYSERVERS line in a jtl.properties file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM Rational ClearQuest	=7.0.1.1
IBM Rational ClearQuest	=7.0.0.1
IBM Rational ClearQuest	=7.0.0.2
IBM Rational ClearQuest	=7.0.0.0
IBM Rational ClearQuest	=7.0.1
IBM Rational ClearQuest	<=7.0.0.3
IBM Rational ClearQuest	=7.0.1.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5329?
CVE-2008-5329 is considered to have a medium severity because it allows remote servers to manipulate client submissions and database changes.
How do I fix CVE-2008-5329?
To fix CVE-2008-5329, limit the JTLRMIREGISTRYSERVERS entries in the jtl.properties file to trusted server identifiers.
What versions of IBM Rational ClearQuest are affected by CVE-2008-5329?
CVE-2008-5329 affects IBM Rational ClearQuest versions 7.0.0.0 to 7.1 inclusive.
Can CVE-2008-5329 be exploited remotely?
Yes, CVE-2008-5329 can be exploited remotely, allowing attackers to redirect client submissions to arbitrary databases.
Is there a patch available for CVE-2008-5329?
IBM provides updates to address CVE-2008-5329, and users should ensure they are running the latest version of ClearQuest.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/severity
agent/last-modified-date
agent/author
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ibm
canonical/ibm rational clearquest
version/ibm rational clearquest/7.0.1.1
version/ibm rational clearquest/7.0.0.1
version/ibm rational clearquest/7.0.0.2
version/ibm rational clearquest/7.0.0.0
version/ibm rational clearquest/7.0.1
version/ibm rational clearquest/7.0.0.3
version/ibm rational clearquest/7.0.1.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.