Rational Clearquest@7.0.2 Security Vulnerabilities and Issues — Rational Clearquest@7.0.2 CVE List

Lucene search

IbmRational Clearquest7.0.2

5 matches found

CVE•added 2008/12/05 12:30 a.m.•51 views

CVE-2008-5327

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object...

6.5CVSS5.8AI score0.00393EPSS

CVE•added 2008/03/20 12:44 a.m.•41 views

CVE-2007-4592

Multiple cross-site scripting (XSS) vulnerabilities in the web interface for IBM Rational ClearQuest before 2003.06.16 Patch 2008A, 7.0.0.2_iFix01, and 7.0.1.1_iFix01 allow remote attackers to inject arbitrary web script or HTML via the (1) contextid, (2) username, (3) userNameVal, and (4) schema p...

4.3CVSS5.6AI score0.16226EPSS

CVE•added 2009/12/18 7:30 p.m.•40 views

CVE-2009-4357

CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.

5CVSS6.4AI score0.00337EPSS

CVE•added 2010/06/30 6:30 p.m.•40 views

CVE-2010-2517

Multiple unspecified vulnerabilities in IBM Rational ClearQuest before 7.1.1.02 have unknown impact and attack vectors, as demonstrated by an AppScan report.

7.5CVSS6.8AI score0.0036EPSS

CVE•added 2009/06/25 5:30 p.m.•38 views

CVE-2009-2211

Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00289EPSS