CVE-2010-4602

Currently unrated

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 December 2010

Summary

The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.