IBM Rational ClearQuest 8.0 up to and including 8.0.1.9 and 9.0 up to and including 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X-Force ID: 113353.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm rational clearquest |