Lucene search

[email protected]CVE-2013-3041

HistoryOct 01, 2013 - 12:55 a.m.

CVE-2013-3041

2013-10-0100:55:12

[email protected]

web.nvd.nist.gov

ibm

rational clearquest

web client

7.1

8.0

8.0.1

json hijacking

cve-2013-3041

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.7%

JSON

The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to obtain sensitive information from the client-server data stream via unspecified vectors associated with a “JSON hijacking attack.”

Affected configurations

NVD

Node

ibmrational_clearquestMatch7.1

ibmrational_clearquestMatch7.1.0.1

ibmrational_clearquestMatch7.1.0.2

ibmrational_clearquestMatch7.1.1

ibmrational_clearquestMatch7.1.1.1

ibmrational_clearquestMatch7.1.1.2

ibmrational_clearquestMatch7.1.1.3

ibmrational_clearquestMatch7.1.1.4

ibmrational_clearquestMatch7.1.1.5

ibmrational_clearquestMatch7.1.1.6

ibmrational_clearquestMatch7.1.1.7

ibmrational_clearquestMatch7.1.1.8

ibmrational_clearquestMatch7.1.1.9

ibmrational_clearquestMatch7.1.2

ibmrational_clearquestMatch7.1.2.1

ibmrational_clearquestMatch7.1.2.2

ibmrational_clearquestMatch7.1.2.3

ibmrational_clearquestMatch7.1.2.4

ibmrational_clearquestMatch7.1.2.5

ibmrational_clearquestMatch7.1.2.6

ibmrational_clearquestMatch7.1.2.7

ibmrational_clearquestMatch7.1.2.8

ibmrational_clearquestMatch7.1.2.9

ibmrational_clearquestMatch7.1.2.10

ibmrational_clearquestMatch7.1.2.11

ibmrational_clearquestMatch8.0

ibmrational_clearquestMatch8.0.0.1

ibmrational_clearquestMatch8.0.0.2

ibmrational_clearquestMatch8.0.0.3

ibmrational_clearquestMatch8.0.0.4

ibmrational_clearquestMatch8.0.0.5

ibmrational_clearquestMatch8.0.0.6

ibmrational_clearquestMatch8.0.0.7

ibmrational_clearquestMatch8.0.1

CPENameOperatorVersion
ibm:rational_clearquestibm rational clearquesteq7.1
ibm:rational_clearquestibm rational clearquesteq7.1.0.1
ibm:rational_clearquestibm rational clearquesteq7.1.0.2
ibm:rational_clearquestibm rational clearquesteq7.1.1
ibm:rational_clearquestibm rational clearquesteq7.1.1.1
ibm:rational_clearquestibm rational clearquesteq7.1.1.2
ibm:rational_clearquestibm rational clearquesteq7.1.1.3
ibm:rational_clearquestibm rational clearquesteq7.1.1.4
ibm:rational_clearquestibm rational clearquesteq7.1.1.5
ibm:rational_clearquestibm rational clearquesteq7.1.1.6

CPE	Name	Operator	Version
ibm:rational_clearquest	ibm rational clearquest	eq	7.1
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.0.1
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.0.2
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1.1
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1.2
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1.3
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1.4
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1.5
ibm:rational_clearquest	ibm rational clearquest	eq	7.1.1.6