Parameter Tampering Vulnerability in IBM Rational ClearQuest Web Client
CVE-2012-2164

Currently unrated

Key Information:

Vendor

IBM
Status
Rational Clearquest
Vendor
CVE Published:
17 August 2012

What is CVE-2012-2164?

The Web client in IBM Rational ClearQuest versions prior to 7.1.2.7 for 7.1.x and 8.0.0.3 for 8.x is susceptible to parameter tampering attacks. This vulnerability enables remote authenticated users to bypass access controls and modify system settings through the Site Administration menu. This flaw poses significant security risks, allowing unauthorized changes to essential configurations that could compromise the integrity and security of the application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75039
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg1PM62735
vendor-advisoryx_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=swg21606318
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.