Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 up to and including 7.1.1.9, 7.1.2 up to and including 7.1.2.13, 8.0.0 up to and including 8.0.0.10, and 8.0.1 up to and including 8.0.1.3 allow remote malicious users to cause a denial of service or access other servers via crafted XML data. IBM X-Force ID: 92623.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm rational clearquest |