Описание
IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:7.1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearcase:8.0.1.4:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00258
Низкий
5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature.
EPSS
Процентиль: 49%
0.00258
Низкий
5 Medium
CVSS2
Дефекты
CWE-287