CVE-2012-2164

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 17 August 2012

Summary

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75039

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1PM62735

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21606318

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 17, 2012
Vulnerability Reserved
Apr 4, 2012