CVE-2015-4996

MEDIUM

IBM Rational ClearQuest 7.1.x, 8.0.0.x-8.0.0.16, 8.0.1.x-8.0.1.9 - Unauthenticated Credential Exposure

Title source: llm
STIX 2.1

Description

IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034558
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21972331

Scores

CVSS v3 5.1
EPSS 0.0032
EPSS Percentile 23.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (50)
ibm/rational_clearquest 7.1
ibm/rational_clearquest 7.1.0.1
ibm/rational_clearquest 7.1.0.2
ibm/rational_clearquest 7.1.1
ibm/rational_clearquest 7.1.1.1
ibm/rational_clearquest 7.1.1.2
ibm/rational_clearquest 7.1.1.3
ibm/rational_clearquest 7.1.1.4
ibm/rational_clearquest 7.1.1.5
ibm/rational_clearquest 7.1.1.6
... and 40 more
Published Jan 02, 2016
Tracked Since Feb 18, 2026