ID CVE-2008-5327Type cveReporter cve@mitre.orgModified 2017-08-08T01:33:00
Description
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree.
{"id": "CVE-2008-5327", "bulletinFamily": "NVD", "title": "CVE-2008-5327", "description": "The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree.", "published": "2008-12-05T00:30:00", "modified": "2017-08-08T01:33:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5327", "reporter": "cve@mitre.org", "references": ["http://secunia.com/advisories/32847", "https://exchange.xforce.ibmcloud.com/vulnerabilities/46995", "http://www-01.ibm.com/support/docview.wss?uid=swg1PK65908"], "cvelist": ["CVE-2008-5327"], "type": "cve", "lastseen": "2019-05-29T18:09:29", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "c77c7e5d20e5318c204c763a8ab77a6c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "5badf24b940219736d11157dd11498b7"}, {"key": "cpe23", "hash": "abe68a015b9c50f6ecd1c1a473cc7b8c"}, {"key": "cvelist", "hash": "4117d61d0b66ae0d84fd24303e2ade9d"}, {"key": "cvss", "hash": "0187fd86f792b6c1e0077d0f69d0ed79"}, {"key": "cvss2", "hash": "4ee7bad2a96feeda01edc0af179f1974"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "cc03f0f13c5b7a13cd38f730cca5a70f"}, {"key": "description", "hash": "d8e0acec8e882da67e91989df1457d8b"}, {"key": "href", "hash": "e0ac1a8397f674764c7c6f37c77876f5"}, {"key": "modified", "hash": "8004a81951076f215123ecae93154cff"}, {"key": "published", "hash": "46e1ea17e00725aec9a54fb947ee474a"}, {"key": "references", "hash": "77278a973963ce454271233d927fc26d"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "d298d9f55de61956f5c7ead6ba351862"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "462321bae27b205e3379825a45da402b246c163ddb2fd056ac379908b47bfd76", "viewCount": 0, "enchantments": {"score": {"value": 3.6, "vector": "NONE", "modified": "2019-05-29T18:09:29"}, "dependencies": {"references": [], "modified": "2019-05-29T18:09:29"}, "vulnersScore": 3.6}, "objectVersion": "1.3", "cpe": ["cpe:/a:ibm:rational_clearquest:7.0.1.1", "cpe:/a:ibm:rational_clearquest:7.0.0.0", "cpe:/a:ibm:rational_clearquest:7.0.2", "cpe:/a:ibm:rational_clearquest:7.0.1", "cpe:/a:ibm:rational_clearquest:7.0.0.3", "cpe:/a:ibm:rational_clearquest:7.0", "cpe:/a:ibm:rational_clearquest:7.0.0.1", "cpe:/a:ibm:rational_clearquest:7.0.1.2", "cpe:/a:ibm:rational_clearquest:7.0.0.2"], "affectedSoftware": [{"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.1.1"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.1"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.1.2"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.2"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.0.1"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.0.3"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.0.0"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0.0.2"}, {"name": "ibm rational_clearquest", "operator": "eq", "version": "7.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:ibm:rational_clearquest:7.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:rational_clearquest:7.0.0.1:*:*:*:*:*:*:*"], "cwe": ["CWE-255"]}
{}
