CVE-2012-2164IBM Rational Clearquest vulnerability

CWE-2643 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 63.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Clearquest
Timeline
PublishedAug 17
Latest updateMay 17

Description

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages1 packages

NVDibm/rational_clearquest18 versions+17

🔴Vulnerability Details

2
GHSA
GHSA-4jv2-g4w2-66wc: The Web client in IBM Rational ClearQuest 72022-05-17
CVEList
CVE-2012-2164: The Web client in IBM Rational ClearQuest 72012-08-17
CVE-2012-2164 — IBM Rational Clearquest vulnerability | cvebase