Lucene search

IBM Rational ClearCase 7.1.1.7

10 matches found

CVE | added 2014/09/23 9:55 p.m. | 45 views

CVE-2014-3103

The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an htt...

CVSS 5 | AI score 6.4 | EPSS 0.00207

CVE | added 2014/09/23 8:55 p.m. | 42 views

CVE-2014-3101

The login form in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not insert a delay after a failed authentication attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVSS 5 | AI score 6.6 | EPSS 0.00216

CVE | added 2014/09/23 9:55 p.m. | 42 views

CVE-2014-3105

The OSLC integration feature in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account ...

CVSS 5 | AI score 6.6 | EPSS 0.00207

CVE | added 2014/09/23 9:55 p.m. | 40 views

CVE-2014-3106

IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature.

CVSS 5 | AI score 6.9 | EPSS 0.00258

CVE | added 2014/09/23 8:55 p.m. | 38 views

CVE-2014-3090

IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

CVSS 5 | AI score 6.8 | EPSS 0.00885

CVE | added 2014/03/21 10:55 a.m. | 37 views

CVE-2014-0829

Multiple buffer overflows in IBM Rational ClearCase 7.x before 7.1.2.13, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.3 allow remote authenticated users to obtain privileged access via unspecified vectors.

CVSS 6.5 | AI score 6.2 | EPSS 0.00518

CVE | added 2014/09/23 9:55 p.m. | 37 views

CVE-2014-3104

IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

CVSS 5 | AI score 6.8 | EPSS 0.00852

CVE | added 2013/12/19 10:55 p.m. | 36 views

CVE-2013-5422

The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2, when a multi-database dataset exists, allows remote attackers to read database names via unspecified vectors.

CVSS 4.3 | AI score 6.4 | EPSS 0.00234

CVE | added 2013/12/18 4:4 p.m. | 33 views

CVE-2013-5415

Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unspecified vectors.

CVSS 7.2 | AI score 6.8 | EPSS 0.00049

CVE | added 2013/12/18 4:4 p.m. | 31 views

CVE-2013-5416

Unspecified vulnerability in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unknown vectors.

CVSS 7.2 | AI score 6.5 | EPSS 0.00046