CVE-2008-5327IBM Rational Clearquest vulnerability

CWE-2553 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.4%
top 39.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Clearquest
Timeline
PublishedDec 5
Latest updateMay 17

Description

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

NVDibm/rational_clearquest9 versions+8

🔴Vulnerability Details

2
GHSA
GHSA-2v5j-9wwc-q332: The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 72022-05-17
CVEList
CVE-2008-5327: The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 72008-12-05
CVE-2008-5327 — IBM Rational Clearquest vulnerability | cvebase