CVE-2009-1292Sensitive Information Exposure in IBM Rational Clearcase

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 84.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Clearcase
Timeline
PublishedApr 14
Latest updateMay 2

Description

UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/rational_clearcase10 versions+9

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-8h23-pp7x-2pww: UCM-CQ in IBM Rational ClearCase 72022-05-02
CVEList
CVE-2009-1292: UCM-CQ in IBM Rational ClearCase 72009-04-14
CVE-2009-1292 — Sensitive Information Exposure in IBM | cvebase