Parameter Tampering Vulnerability in IBM Rational ClearQuest Web Client
CVE-2012-2164

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 17 August 2012

Summary

The Web client in IBM Rational ClearQuest versions prior to 7.1.2.7 for 7.1.x and 8.0.0.3 for 8.x is susceptible to parameter tampering attacks. This vulnerability enables remote authenticated users to bypass access controls and modify system settings through the Site Administration menu. This flaw poses significant security risks, allowing unauthorized changes to essential configurations that could compromise the integrity and security of the application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75039

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1PM62735

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21606318

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 17, 2012
Vulnerability Reserved
Apr 4, 2012