Rational Clearquest@8.0.1 Security Vulnerabilities and Issues — Rational Clearquest@8.0.1 CVE List

Lucene search

IbmRational Clearquest8.0.1

5 matches found

CVE•added 2013/09/28 3:40 a.m.•45 views

CVE-2013-0598

Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.2AI score0.00119EPSS

CVE•added 2015/03/25 1:59 a.m.•43 views

CVE-2014-8925

Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout or insert XSS sequences.

6.8CVSS6.6AI score0.00148EPSS

CVE•added 2013/10/01 12:55 a.m.•37 views

CVE-2013-3041

The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to obtain sensitive information from the client-server data stream via unspecified vectors associated with a "JSON hijacking attack."

4.3CVSS6AI score0.00207EPSS

CVE•added 2018/08/13 4:29 p.m.•37 views

CVE-2016-2922

IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X...

5.9CVSS5.5AI score0.00203EPSS

CVE•added 2016/01/02 5:59 a.m.•34 views

CVE-2015-4996

IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors.

5.1CVSS4.8AI score0.00049EPSS