Lucene search
HistoryAug 17, 2012 - 8:55 p.m.
CVE-2012-2164
ibm
rational clearquest
web client
authenticated users
access restrictions
system settings
parameter tampering
cve-2012-2164
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.6%
The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.
Affected configurations
Node
ibmrational_clearquestMatch7.1.1.1
ORibmrational_clearquestMatch7.1.1.2
ORibmrational_clearquestMatch7.1.1.3
ORibmrational_clearquestMatch7.1.1.4
ORibmrational_clearquestMatch7.1.1.5
ORibmrational_clearquestMatch7.1.1.6
ORibmrational_clearquestMatch7.1.1.7
ORibmrational_clearquestMatch7.1.1.8
ORibmrational_clearquestMatch7.1.2
ORibmrational_clearquestMatch7.1.2.1
ORibmrational_clearquestMatch7.1.2.2
ORibmrational_clearquestMatch7.1.2.3
ORibmrational_clearquestMatch7.1.2.4
ORibmrational_clearquestMatch7.1.2.5
ORibmrational_clearquestMatch7.1.2.6
Node
ibmrational_clearquestMatch8.0
ORibmrational_clearquestMatch8.0.0.1
ORibmrational_clearquestMatch8.0.0.2
Related
ibm
ibm
prion
prion
Design/Logic Flaw
2012-08-17 20:55:00
cvelist
cvelist
CVE-2012-2164
2012-08-17 20:00:00
nvd
nvd
CVE-2012-2164
2012-08-17 20:55:04
nessus
nessus
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.6%
Related for CVE-2012-2164