Information Disclosure Vulnerability in IBM Rational ClearQuest
CVE-2012-2165

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 17 August 2012

Summary

IBM Rational ClearQuest versions 7.1.x prior to 7.1.2.7 and 8.x prior to 8.0.0.3 exhibit a vulnerability when ClearQuest Authentication is enabled. This flaw allows remote authenticated users to conduct queries that reveal password hashes, posing a significant risk of unauthorized access and data breaches. It is crucial for users of affected versions to apply the necessary updates to mitigate this security risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PM62740

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/75040

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21606385

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 17, 2012
Vulnerability Reserved
Apr 4, 2012