Local Access Vulnerability in IBM Rational ClearQuest Products
CVE-2014-3106

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearcase
Vendor: CVE Published:; 23 September 2014

What is CVE-2014-3106?

IBM Rational ClearQuest versions 7.1 prior to 7.1.2.15, 8.0.0 prior to 8.0.0.12, and 8.0.1 prior to 8.0.1.5 exhibit a vulnerability due to improper implementation of the Local Access Only protection mechanism. This flaw allows remote attackers to bypass authentication measures and gain unauthorized access to sensitive files through the Help Server Administration feature, potentially exposing critical information.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21682950

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/94313

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2014
Vulnerability Reserved
Apr 29, 2014