Rational Clearquest Security Vulnerabilities and Issues — Rational Clearquest CVE List

Lucene search

IbmRational Clearquest

7 matches found

CVE•added 2008/12/05 12:30 a.m.•51 views

CVE-2008-5327

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object...

6.5CVSS5.8AI score0.00393EPSS

CVE•added 2011/03/29 6:55 p.m.•51 views

CVE-2011-1205

Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document in the My Computer zo...

6.9CVSS6.7AI score0.00052EPSS

CVE•added 2013/09/28 3:40 a.m.•45 views

CVE-2013-0598

Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.2AI score0.00119EPSS

CVE•added 2024/07/17 7:15 p.m.•45 views

CVE-2024-28796

IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286...

6.4CVSS5.9AI score0.00081EPSS

CVE•added 2015/03/25 1:59 a.m.•43 views

CVE-2014-8925

Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout or insert XSS sequences.

6.8CVSS6.6AI score0.00148EPSS

CVE•added 2010/12/29 6:0 p.m.•41 views

CVE-2010-4603

IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 does not prevent modification of back-reference fields, which allows remote authenticated users to interfere with intended record relationships, and possibly cause a denial of service (loop) or have un...

6.5CVSS6.8AI score0.00673EPSS

CVE•added 2005/09/20 10:3 p.m.•37 views

CVE-2005-2994

Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets (XSS).

6.8CVSS7.2AI score0.01045EPSS