Remote Client Vulnerability in IBM Rational ClearCase
CVE-2015-5039
7.4HIGH
Summary
A vulnerability exists in the Remote Client and change management integrations of IBM Rational ClearCase where improper validation of hostnames in X.509 certificates from SSL servers can be exploited. This could enable remote attackers to spoof SSL servers, potentially allowing them to obtain sensitive information or modify network traffic using specially crafted certificates. This issue affects various versions of IBM Rational ClearCase, posing a significant risk to user data and network integrity.
References
CVSS V3.1
Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved