3 matches found
Security Bulletin: "Local Access Only" authentication type does not prevent unauthenticated remote access to Help Server Administration in ClearQuest (CVE-2014-3106)
Summary "Local Access Only" authentication type does not prevent unauthenticated remote access to Help Server Administration. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires login wi...
CVE-2014-3106
IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature...
CVE-2014-3106
IBM Rational ClearQuest is affected by CVE-2014-3106 where the Local Access Only ACL does not prevent unauthenticated remote access to the Help Server Administration, allowing attackers to bypass authentication and read files. Affected versions are 7.1.2–7.1.2.14, 8.0.0–8.0.0.11, and 8.0.1–8.0.1....