What is the severity of CVE-2014-3106?

CVE-2014-3106 has a medium severity rating due to its potential to allow unauthorized remote access.

How do I fix CVE-2014-3106?

To fix CVE-2014-3106, update your IBM Rational ClearQuest to versions 7.1.2.15, 8.0.0.12, or 8.0.1.5 and above.

What can attackers do with CVE-2014-3106?

Attackers can bypass authentication and read files through the Help Server Administration feature if CVE-2014-3106 is exploited.

Which versions of IBM Rational ClearQuest are affected by CVE-2014-3106?

CVE-2014-3106 affects IBM Rational ClearQuest versions prior to 7.1.2.15, 8.0.0 prior to 8.0.0.12, and 8.0.1 prior to 8.0.1.5.

Is CVE-2014-3106 easy to exploit?

Yes, CVE-2014-3106 is relatively easy to exploit, making it crucial for organizations to apply the patch immediately.

Vulnerability/
CVE-2014-3106

medium

CWE

287

23/9/2014

6/8/2024

CVE-2014-3106

First published: Tue Sep 23 2014(Updated: )

IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Rational ClearCase	=7.1
IBM Rational ClearCase	=7.1.0.1
IBM Rational ClearCase	=7.1.0.2
IBM Rational ClearCase	=7.1.1
IBM Rational ClearCase	=7.1.1.1
IBM Rational ClearCase	=7.1.1.2
IBM Rational ClearCase	=7.1.1.3
IBM Rational ClearCase	=7.1.1.4
IBM Rational ClearCase	=7.1.1.5
IBM Rational ClearCase	=7.1.1.6
IBM Rational ClearCase	=7.1.1.7
IBM Rational ClearCase	=7.1.1.8
IBM Rational ClearCase	=7.1.1.9
IBM Rational ClearCase	=7.1.2
IBM Rational ClearCase	=7.1.2.1
IBM Rational ClearCase	=7.1.2.2
IBM Rational ClearCase	=7.1.2.3
IBM Rational ClearCase	=7.1.2.4
IBM Rational ClearCase	=7.1.2.5
IBM Rational ClearCase	=7.1.2.6
IBM Rational ClearCase	=7.1.2.7
IBM Rational ClearCase	=7.1.2.9
IBM Rational ClearCase	=7.1.2.10
IBM Rational ClearCase	=7.1.2.11
IBM Rational ClearCase	=7.1.2.12
IBM Rational ClearCase	=7.1.2.13
IBM Rational ClearCase	=7.1.2.14
IBM Rational ClearCase	=8.0
IBM Rational ClearCase	=8.0.0.1
IBM Rational ClearCase	=8.0.0.2
IBM Rational ClearCase	=8.0.0.3
IBM Rational ClearCase	=8.0.0.4
IBM Rational ClearCase	=8.0.0.5
IBM Rational ClearCase	=8.0.0.6
IBM Rational ClearCase	=8.0.0.7
IBM Rational ClearCase	=8.0.0.8
IBM Rational ClearCase	=8.0.0.9
IBM Rational ClearCase	=8.0.0.10
IBM Rational ClearCase	=8.0.0.11
IBM Rational ClearCase	=8.0.1
IBM Rational ClearCase	=8.0.1.1
IBM Rational ClearCase	=8.0.1.2
IBM Rational ClearCase	=8.0.1.3
IBM Rational ClearCase	=8.0.1.4

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21682950

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3106?
CVE-2014-3106 has a medium severity rating due to its potential to allow unauthorized remote access.
How do I fix CVE-2014-3106?
To fix CVE-2014-3106, update your IBM Rational ClearQuest to versions 7.1.2.15, 8.0.0.12, or 8.0.1.5 and above.
What can attackers do with CVE-2014-3106?
Attackers can bypass authentication and read files through the Help Server Administration feature if CVE-2014-3106 is exploited.
Which versions of IBM Rational ClearQuest are affected by CVE-2014-3106?
CVE-2014-3106 affects IBM Rational ClearQuest versions prior to 7.1.2.15, 8.0.0 prior to 8.0.0.12, and 8.0.1 prior to 8.0.1.5.
Is CVE-2014-3106 easy to exploit?
Yes, CVE-2014-3106 is relatively easy to exploit, making it crucial for organizations to apply the patch immediately.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/remedy
agent/last-modified-date
agent/weakness
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/ibm
canonical/ibm rational clearcase
version/ibm rational clearcase/7.1
version/ibm rational clearcase/7.1.0.1
version/ibm rational clearcase/7.1.0.2
version/ibm rational clearcase/7.1.1
version/ibm rational clearcase/7.1.1.1
version/ibm rational clearcase/7.1.1.2
version/ibm rational clearcase/7.1.1.3
version/ibm rational clearcase/7.1.1.4
version/ibm rational clearcase/7.1.1.5
version/ibm rational clearcase/7.1.1.6
version/ibm rational clearcase/7.1.1.7
version/ibm rational clearcase/7.1.1.8
version/ibm rational clearcase/7.1.1.9
version/ibm rational clearcase/7.1.2
version/ibm rational clearcase/7.1.2.1
version/ibm rational clearcase/7.1.2.2
version/ibm rational clearcase/7.1.2.3
version/ibm rational clearcase/7.1.2.4
version/ibm rational clearcase/7.1.2.5
version/ibm rational clearcase/7.1.2.6
version/ibm rational clearcase/7.1.2.7
version/ibm rational clearcase/7.1.2.9
version/ibm rational clearcase/7.1.2.10
version/ibm rational clearcase/7.1.2.11
version/ibm rational clearcase/7.1.2.12
version/ibm rational clearcase/7.1.2.13
version/ibm rational clearcase/7.1.2.14
version/ibm rational clearcase/8.0
version/ibm rational clearcase/8.0.0.1
version/ibm rational clearcase/8.0.0.2
version/ibm rational clearcase/8.0.0.3
version/ibm rational clearcase/8.0.0.4
version/ibm rational clearcase/8.0.0.5
version/ibm rational clearcase/8.0.0.6
version/ibm rational clearcase/8.0.0.7
version/ibm rational clearcase/8.0.0.8
version/ibm rational clearcase/8.0.0.9
version/ibm rational clearcase/8.0.0.10
version/ibm rational clearcase/8.0.0.11
version/ibm rational clearcase/8.0.1
version/ibm rational clearcase/8.0.1.1
version/ibm rational clearcase/8.0.1.2
version/ibm rational clearcase/8.0.1.3
version/ibm rational clearcase/8.0.1.4