SQL Error Vulnerability in IBM Rational ClearQuest Web Client
CVE-2012-5765

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 20 December 2012

Summary

The Web Client in IBM Rational ClearQuest versions prior to 7.1.2.9 and 8.0.0.5 is susceptible to a vulnerability that allows remote attackers to potentially access sensitive information through triggering of SQL error messages. This flaw arises from unspecified vectors that can lead to unintended error output, which may expose database details or other sensitive application data.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21620048

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PM72905

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/80211

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 20, 2012
Vulnerability Reserved
Nov 2, 2012