CVE-2009-4357: Infoleak
First published: Fri Dec 18 2009(Updated: )
CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational ClearQuest | =7.0.1.3 | |
| IBM Rational ClearQuest | =6.10 | |
| IBM Rational ClearCase | <=7.1 | |
| IBM Rational ClearQuest | =7.0.1.1 | |
| IBM Rational ClearQuest | =7.0.0.1 | |
| IBM Rational ClearCase | =7.0.0.1 | |
| IBM Rational ClearCase | =7.0.1.1 | |
| IBM Rational ClearCase | =7.0.0.4 | |
| IBM Rational ClearQuest | =7.0.1.0 | |
| IBM Rational ClearQuest | =6.14 | |
| IBM Rational ClearQuest | =5.00 | |
| IBM Rational ClearCase | =7.0.1.3 | |
| IBM Rational ClearQuest | =5.20 | |
| IBM Rational ClearQuest | =6.13 | |
| IBM Rational ClearQuest | =7.0 | |
| IBM Rational ClearQuest | =2008 | |
| IBM Rational ClearQuest | =6.12 | |
| IBM Rational ClearQuest | =6.15 | |
| IBM Rational ClearCase | =7.0.0.2 | |
| IBM Rational ClearQuest | =7.0.1 | |
| IBM Rational ClearQuest | =6.16 | |
| IBM Rational ClearQuest | =2007 | |
| IBM Rational ClearQuest | =6.00 | |
| IBM Rational ClearQuest | =7.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm rational clearquest
- version/ibm rational clearquest/7.0.1.3
- version/ibm rational clearquest/6.10
- canonical/ibm rational clearcase
- version/ibm rational clearcase/7.1
- version/ibm rational clearquest/7.0.1.1
- version/ibm rational clearquest/7.0.0.1
- version/ibm rational clearcase/7.0.0.1
- version/ibm rational clearcase/7.0.1.1
- version/ibm rational clearcase/7.0.0.4
- version/ibm rational clearquest/7.0.1.0
- version/ibm rational clearquest/6.14
- version/ibm rational clearquest/5.00
- version/ibm rational clearcase/7.0.1.3
- version/ibm rational clearquest/5.20
- version/ibm rational clearquest/6.13
- version/ibm rational clearquest/7.0
- version/ibm rational clearquest/2008
- version/ibm rational clearquest/6.12
- version/ibm rational clearquest/6.15
- version/ibm rational clearcase/7.0.0.2
- version/ibm rational clearquest/7.0.1
- version/ibm rational clearquest/6.16
- version/ibm rational clearquest/2007
- version/ibm rational clearquest/6.00
- version/ibm rational clearquest/7.0.2