Lucene search
K
IbmRational Clearcase

19 matches found

CVE
CVE
added 2014/09/23 9:0 p.m.94 views

CVE-2014-3105

CVE-2014-3105 affects IBM Rational ClearQuest Web OSLC integration and enables credential enumeration via distinct login error messages. IBM’s advisory lists affected versions: 7.1.0.x/7.1.1.x (all), 7.1.2.x (up to 7.1.2.14), 8.0.0.x (up to 8.0.0.11), and 8.0.1.x (up to 8.0.1.4). The root cause i...

5CVSS6.6AI score0.01667EPSS
CVE
CVE
added 2011/03/29 6:0 p.m.65 views

CVE-2011-1205

The CVE-2011-1205 entry concerns multiple buffer overflows in unspecified COM objects within IBM Rational licensing components used by Rational ClearCase 7.0.0.4–7.1.1.4, ClearQuest 7.0.0.4–7.1.1.4, and related products. The root cause is buffer overflows in COM objects that can be triggered by r...

6.9CVSS6.7AI score0.00372EPSS
CVE
CVE
added 2013/09/25 10:0 a.m.59 views

CVE-2013-5373

This CVE affects IBM Rational ClearCase RemoteClient: the rcleartool script and its config file have world-writable permissions, enabling local users to insert commands and potentially escalate privileges. Affected versions are Rational ClearCase 8.0.0.3–8.0.0.7 and 8.0.1. If exploited, the attac...

6.9CVSS6.6AI score0.00304EPSS
CVE
CVE
added 2014/09/23 9:0 p.m.59 views

CVE-2014-3104

CVE-2014-3104 technical details are not provided in the connected documents. The other entries reference similar memory‑exhaustion issues but do not specify affected products, vulnerable components, root cause, impact, or remediation for this CVE.

5CVSS6.8AI score0.01731EPSS
CVE
CVE
added 2014/09/23 9:0 p.m.57 views

CVE-2014-3103

The CVE-2014-3103 entry applies to IBM Rational ClearQuest Web. Affected: ClearQuest Web sessions using SSL where the session cookie lacks the Secure attribute, enabling potential interception of cookies transmitted over HTTP. Affected versions include 7.1.x (up to 7.1.2.15), 8.0.x (up to 8.0.0.1...

5CVSS6.4AI score0.01667EPSS
CVE
CVE
added 2014/09/23 8:0 p.m.55 views

CVE-2014-3090

Technical details about CVE-2014-3090 (IBM Rational ClearCase XML entity processing vulnerability) are not publicly provided in the supplied documents. Please monitor for updates from IBM or security advisories for affected versions and remediation guidance.

5CVSS6.8AI score0.02374EPSS
CVE
CVE
added 2014/09/23 8:0 p.m.55 views

CVE-2014-3101

The CVE-2014-3101 issue affects IBM Rational ClearQuest Web login: the login form fails to insert a delay after failed attempts in affected releases (7.1.x prior to 7.1.2.15, 8.0.0.x prior to 8.0.0.12, and 8.0.1.x prior to 8.0.1.5). This omission enables brute-force attempts to gain access. The I...

5CVSS6.6AI score0.02144EPSS
CVE
CVE
added 2009/04/14 4:0 p.m.53 views

CVE-2009-1292

CVE-2009-1292 affects IBM Rational ClearCase UCM-CQ on Linux/AIX (7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, 7.1.x before 7.1.0.1). The underlying issue is that a username and password are exposed on the command line, allowing local attackers to obtain credentials by listing processes. The a...

2.1CVSS6.4AI score0.00367EPSS
CVE
CVE
added 2009/12/18 7:0 p.m.52 views

CVE-2009-4357

CVE-2009-4357 affects IBM Rational ClearQuest CQWeb (the web interface) prior to version 7.1.1. The root cause is improper handling of legacy URLs used for automatic login, which could allow remote attackers to discover user passwords through unspecified vectors. Affected component: CQWeb web int...

5CVSS6.4AI score0.01076EPSS
CVE
CVE
added 2014/03/21 10:0 a.m.52 views

CVE-2014-0829

IBM Rational ClearCase contains buffer overflow vulnerabilities (CVE-2014-0829) affecting 7.x up to 7.1.2.13, 8.0.0.x up to 8.0.0.9, and 8.0.1.x up to 8.0.1.2. The flaw could allow remote code execution or privilege escalation on VOB/view servers or CCRC WAN servers when exploited by an authentic...

6.5CVSS6.2AI score0.01446EPSS
CVE
CVE
added 2015/03/25 1:0 a.m.52 views

CVE-2014-6134

CVE-2014-6134 affects IBM Rational ClearCase 8.0.0 prior to 8.0.0.14 and 8.0.1 prior to 8.0.1.7. During installation, when using Installation Manager before 1.8.2, the installer retains server passwords in cleartext in process memory, enabling a local attacker with access to the installation acco...

1.2CVSS5.8AI score0.00332EPSS
CVE
CVE
added 2014/09/23 9:0 p.m.51 views

CVE-2014-3106

IBM Rational ClearQuest is affected by CVE-2014-3106 where the Local Access Only ACL does not prevent unauthenticated remote access to the Help Server Administration, allowing attackers to bypass authentication and read files. Affected versions are 7.1.2–7.1.2.14, 8.0.0–8.0.0.11, and 8.0.1–8.0.1....

5CVSS6.9AI score0.0185EPSS
CVE
CVE
added 2015/04/06 12:0 a.m.51 views

CVE-2014-6221

Summary of CVE-2014-6221 (GSKit random data generation) : The GSKit MSCAPI/MSCNG interface does not generate cryptographically random data, enabling potential confidentiality/integrity compromise. Affected products and contexts include IBM GSKit in Rational ClearCase (various 7.1.2.x, 8.0.0.x, 8....

9.4CVSS6.2AI score0.02705EPSS
CVE
CVE
added 2019/02/15 8:0 p.m.51 views

CVE-2019-4059

IBM Rational ClearCase GIT connector version 1.0.0.0 exposes the document database password due to insufficient protection, allowing an attacker to obtain the password and gain unauthorized access to the document database. Root cause: inadequate protection of local credentials in the GIT connecto...

9.8CVSS9AI score0.01693EPSS
CVE
CVE
added 2013/12/19 10:0 p.m.48 views

CVE-2013-5422

The vulnerability CVE-2013-5422 affects IBM Rational ClearQuest Web Client. Affects Web Client in Rational ClearQuest versions 7.1–7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2, where, when a multi-database dataset is present, an attacker can disclose the names of databases they ar...

4.3CVSS6.4AI score0.01191EPSS
CVE
CVE
added 2013/12/18 11:0 a.m.47 views

CVE-2013-5415

IBM Rational ClearCase is affected by CVE-2013-5415 due to undisclosed buffer overflow and privilege-escalation vulnerabilities exploitable by a local user to gain elevated privileges. Affected ranges include 7.1.1.x, 7.1.2 up to 7.1.2.12, 8.0.0.x up to 8.0.0.8, and 8.0.1.x up to 8.0.1.1. IBM’s r...

7.2CVSS6.8AI score0.00349EPSS
CVE
CVE
added 2018/03/26 6:0 p.m.44 views

CVE-2015-5039

IBM Rational ClearCase Remote Client and Change Management Integrations are affected by CVE-2015-5039 due to improper hostname validation of X.509 SSL certificates. Affected products/versions: Rational ClearCase 7.1.x, 8.0.x prior to 8.0.0.18, and 8.0.1.x prior to 8.0.1.11. Root cause: hostname v...

7.4CVSS6.9AI score0.01167EPSS
CVE
CVE
added 2013/12/18 11:0 a.m.43 views

CVE-2013-5416

IBM Rational ClearCase is affected by CVE-2013-5416 (privilege-escalation via local vectors). The IBM advisory cites buffer overflow / privilege-escalation issues in ClearCase and MultiSite across affected releases (7.1.1.x, 7.1.2–7.1.2.12, 8.0.0.x up to 8.0.0.8, and 8.0.1.x up to 8.0.1.1). Remed...

7.2CVSS6.5AI score0.00323EPSS
CVE
CVE
added 2018/04/20 9:0 p.m.40 views

CVE-2014-0931

CVE-2014-0931 maps to multiple XXE vulnerabilities in IBM Rational ClearCase components: CCRC WAN Server/CM Server, Perl CC/CQ integration scripts, CMAPI Java interface, ClearCase remote client, and CMI/OSLC-based ClearQuest integrations. Affected product lines span IBM Rational ClearCase 7.0.x (...

9.1CVSS8.8AI score0.0273EPSS