Remote Authentication Flaw in IBM Rational ClearQuest Web Interface
CVE-2009-4357

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest; Rational Clearcase
Vendor: CVE Published:; 18 December 2009

Summary

The web interface of IBM Rational ClearQuest prior to version 7.1.1 has a vulnerability that arises from the improper handling of legacy URLs used for automatic login. This flaw may allow malicious actors to exploit this weakness, potentially leading to the exposure of user passwords through unspecified attack vectors. Organizations using affected versions should consider implementing immediate security measures to mitigate the risk of unauthorized access.

References

http://securitytracker.com/id?1023370

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/37385

vdb-entryx_refsource_BID

http://secunia.com/advisories/37811

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 18, 2009