CVE-2011-3391

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Build Forge
Vendor: CVE Published:; 8 September 2011

Summary

IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code to enforce the EditSecurity permission requirement for the Export Key File function, which allows remote authenticated users to read a key file by removing a disable attribute in the Security sub-menu.

References

http://www.osvdb.org/74831

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/49407

vdb-entryx_refsource_BID

http://securitytracker.com/id?1026004

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 8, 2011
Vulnerability Reserved
Sep 8, 2011