Cross-Site Request Forgery Vulnerability in IBM Rational ClearQuest
CVE-2014-8925

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 25 March 2015

Summary

A cross-site request forgery (CSRF) vulnerability exists in IBM Rational ClearQuest that can enable remote attackers to execute unwanted actions on behalf of authenticated users. This security weakness could lead to unauthorized logouts or allow attackers to inject malicious scripts, compromising the integrity of user sessions. It affects multiple versions of IBM Rational ClearQuest before specific patch releases, highlighting the critical need for timely updates to mitigate such risks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21699148

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 25, 2015
Vulnerability Reserved
Nov 14, 2014