CVE-2019-4059

CRITICAL

IBM Rational Clearcase - Insufficiently Protected Credentials

Title source: rule

Description

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583.

References (2)

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/156583

[Patch, Vendor Advisory] https://www.ibm.com/support/docview.wss?uid=ibm10870810

Scores

CVSS v3 9.8

EPSS 0.0030

EPSS Percentile 53.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-522

Status published

Affected Products (1)

ibm/rational_clearcase < 9.0.1.5

Timeline

Published Feb 15, 2019

Tracked Since Feb 18, 2026