Remote Client Vulnerability in IBM Rational ClearCase
CVE-2015-5039

7.4HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
26 March 2018

Summary

A vulnerability exists in the Remote Client and change management integrations of IBM Rational ClearCase where improper validation of hostnames in X.509 certificates from SSL servers can be exploited. This could enable remote attackers to spoof SSL servers, potentially allowing them to obtain sensitive information or modify network traffic using specially crafted certificates. This issue affects various versions of IBM Rational ClearCase, posing a significant risk to user data and network integrity.

References

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.