Local User Spoofing Vulnerability in IBM Rational ClearQuest
CVE-2015-4996

5.1MEDIUM

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 2 January 2016

What is CVE-2015-4996?

A vulnerability in IBM Rational ClearQuest allows local users to perform spoofing attacks on database servers, potentially exposing sensitive credentials. This issue affects versions 7.1.x, 8.0.0.x prior to 8.0.0.17, and 8.0.1.x prior to 8.0.1.10, and can be exploited through unknown vectors, leading to severe security risks.

References

http://www.securitytracker.com/id/1034558

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=swg21972331

x_refsource_CONFIRM

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 2, 2016
Vulnerability Reserved
Jun 24, 2015