Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2164

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2012-2164
Last Modified 29 Aug 2012 12:00:00
Published 17 Aug 2012 04:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-2164

Summary

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.

Vulnerable Systems

Application

  • Ibm Rational Clearquest 7.1.1.1

  • Ibm Rational Clearquest 7.1.1.2

  • Ibm Rational Clearquest 7.1.1.3

  • Ibm Rational Clearquest 7.1.1.4

  • Ibm Rational Clearquest 7.1.1.5

  • Ibm Rational Clearquest 7.1.1.6

  • Ibm Rational Clearquest 7.1.1.7

  • Ibm Rational Clearquest 7.1.1.8

  • Ibm Rational Clearquest 7.1.2

  • Ibm Rational Clearquest 7.1.2.1

  • Ibm Rational Clearquest 7.1.2.2

  • Ibm Rational Clearquest 7.1.2.3

  • Ibm Rational Clearquest 7.1.2.4

  • Ibm Rational Clearquest 7.1.2.5

  • Ibm Rational Clearquest 7.1.2.6

  • Ibm Rational Clearquest 8.0

  • Ibm Rational Clearquest 8.0.0

  • Ibm Rational Clearquest 8.0.0.1

  • Ibm Rational Clearquest 8.0.0.2


References

XF - rcq-parameter-tampering(75039)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21606318

AIXAPAR - PM62735


Last Updated: 27 May 2016 10:57:35