cbcvebase.
CVE-2014-6134
published 2015-03-25

CVE-2014-6134: IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in…

PriorityP45low1.2CVSS 2.0
AVLACHAuNCPINAN
EPSS
0.33%
25.0th percentile
IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account.

Affected

22 ranges
VendorProductVersion rangeFixed in
ibminstallation_manager<= 1.8.1.0
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
ibmrational_clearcase
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.