CVE-2008-5327

Опубликовано: 05 дек. 2008

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree.

Ссылки

http://secunia.com/advisories/32847
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK65908
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46995
http://secunia.com/advisories/32847
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK65908
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46995

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:rational_clearquest:7.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearquest:7.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00393

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-2v5j-9wwc-q332

github

больше 3 лет назад