Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5327

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-5327
Last Modified 05 Dec 2008 12:00:00
Published 04 Dec 2008 07:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-5327

Summary

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree.

Vulnerable Systems

Application

  • Ibm Rational Clearquest 7.0

  • Ibm Rational Clearquest 7.0.0.0

  • Ibm Rational Clearquest 7.0.0.1

  • Ibm Rational Clearquest 7.0.0.2

  • Ibm Rational Clearquest 7.0.0.3

  • Ibm Rational Clearquest 7.0.1

  • Ibm Rational Clearquest 7.0.1.1

  • Ibm Rational Clearquest 7.0.1.2

  • Ibm Rational Clearquest 7.0.2


References

XF - clearquest-maintenance-info-disclosure(46995)

AIXAPAR - PK65908

SECUNIA - 32847


Last Updated: 27 May 2016 10:48:46