CVE-2009-4357

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest; Rational Clearcase
Vendor: CVE Published:; 18 December 2009

Summary

CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.

References

http://securitytracker.com/id?1023370

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/37385

vdb-entryx_refsource_BID

http://secunia.com/advisories/37811

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 18, 2009