CVE-2014-6134

Опубликовано: 25 мар. 2015

Источник: nvd

CVSS2: 1.2

EPSS Низкий

Описание

IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg21688450
Patch
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21688450
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:installation_manager:*:*:*:*:*:*:*:*

Версия до 1.8.1.0 (включая)

Конфигурация 2

Одно из

cpe:2.3:a:ibm:rational_clearcase:8.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_clearcase:8.0.1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00118

Низкий

1.2 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-9pf4-6pr2-9j32

github

больше 3 лет назад