CQWeb (aka the web interface) in IBM Rational ClearQuest prior to 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow malicious users to discover the passwords for user accounts via unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm rational clearquest 5.00 |
||
ibm rational clearquest 6.00 |
||
ibm rational clearquest 6.12 |
||
ibm rational clearquest 7.0 |
||
ibm rational clearquest 7.0.1 |
||
ibm rational clearcase 7.0.0.4 |
||
ibm rational clearcase 7.0.0.1 |
||
ibm rational clearquest 5.20 |
||
ibm rational clearquest 6.10 |
||
ibm rational clearquest 7.0.0.1 |
||
ibm rational clearquest 7.0.1.0 |
||
ibm rational clearcase 7.0.1.1 |
||
ibm rational clearcase 7.0.0.2 |
||
ibm rational clearquest 6.13 |
||
ibm rational clearquest 6.14 |
||
ibm rational clearquest 6.15 |
||
ibm rational clearquest 6.16 |
||
ibm rational clearcase |
||
ibm rational clearquest 2007 |
||
ibm rational clearquest 2008 |
||
ibm rational clearquest 7.0.1.1 |
||
ibm rational clearquest 7.0.1.3 |
||
ibm rational clearquest 7.0.2 |
||
ibm rational clearcase 7.0.1.3 |
Vulmon