CVE-2012-0744

IBM Rational ClearQuest <7.1.2.7 & 8.0.0.3 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-0744. PoCs published by anonymous.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in IBM Rational ClearQuest, including HTML injection, information disclosure, and security bypass. It lists affected versions and example URLs but does not contain executable exploit code.

Description

IBM Rational ClearQuest 7.1.x through 7.1.2.7 and 8.x through 8.0.0.3 allows remote attackers to obtain potentially sensitive information via a request to a (1) snoop, (2) hello, (3) ivt/, (4) hitcount, (5) HitCount.jsp, (6) HelloHTMLError.jsp, (7) HelloHTML.jsp, (8) HelloVXMLError.jsp, (9) HelloVXML.jsp, (10) HelloWMLError.jsp, (11) HelloWML.jsp, or (12) cqweb/j_security_check sample script.

Exploits (1)

exploitdb WRITEUP VERIFIED
by anonymous · textwebappsphp
https://www.exploit-db.com/exploits/37643

The provided text describes multiple vulnerabilities in IBM Rational ClearQuest, including HTML injection, information disclosure, and security bypass. It lists affected versions and example URLs but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: IBM Rational ClearQuest 7.1.x through 7.1.2.7, 8.x through 8.0.0.3
No auth needed
Prerequisites: Access to vulnerable IBM Rational ClearQuest instance
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM66896
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21606317
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21599361
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74671

Scores

EPSS 0.0826
EPSS Percentile 94.2%

Details

CWE
CWE-200
Status published
Products (19)
ibm/rational_clearquest 7.1.1.1
ibm/rational_clearquest 7.1.1.2
ibm/rational_clearquest 7.1.1.3
ibm/rational_clearquest 7.1.1.4
ibm/rational_clearquest 7.1.1.5
ibm/rational_clearquest 7.1.1.6
ibm/rational_clearquest 7.1.1.7
ibm/rational_clearquest 7.1.1.8
ibm/rational_clearquest 7.1.2
ibm/rational_clearquest 7.1.2.1
... and 9 more
Published Aug 17, 2012
Tracked Since Feb 18, 2026