CVE Vulnerabilities

CVE-2012-2164

Published: Aug 17, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.

Affected Software

Name Vendor Start Version End Version
Rational_clearquest Ibm 7.1.1.1 (including) 7.1.1.1 (including)
Rational_clearquest Ibm 7.1.1.2 (including) 7.1.1.2 (including)
Rational_clearquest Ibm 7.1.1.3 (including) 7.1.1.3 (including)
Rational_clearquest Ibm 7.1.1.4 (including) 7.1.1.4 (including)
Rational_clearquest Ibm 7.1.1.5 (including) 7.1.1.5 (including)
Rational_clearquest Ibm 7.1.1.6 (including) 7.1.1.6 (including)
Rational_clearquest Ibm 7.1.1.7 (including) 7.1.1.7 (including)
Rational_clearquest Ibm 7.1.1.8 (including) 7.1.1.8 (including)
Rational_clearquest Ibm 7.1.2 (including) 7.1.2 (including)
Rational_clearquest Ibm 7.1.2.1 (including) 7.1.2.1 (including)
Rational_clearquest Ibm 7.1.2.2 (including) 7.1.2.2 (including)
Rational_clearquest Ibm 7.1.2.3 (including) 7.1.2.3 (including)
Rational_clearquest Ibm 7.1.2.4 (including) 7.1.2.4 (including)
Rational_clearquest Ibm 7.1.2.5 (including) 7.1.2.5 (including)
Rational_clearquest Ibm 7.1.2.6 (including) 7.1.2.6 (including)

References