CVE-2019-4059Insufficiently Protected Credentials in IBM Rational Clearcase

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.3%
top 46.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Clearcase
Timeline
PublishedFeb 15
Latest updateMay 13

Description

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDibm/rational_clearcase9.0.19.0.1.5
CVEListV5ibm/rational_clearcase1.0.0.0

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-xq3v-7jhc-8vq7: IBM Rational ClearCase 12022-05-13
CVEList
CVE-2019-4059: IBM Rational ClearCase 12019-02-15
CVE-2019-4059 — Insufficiently Protected Credentials | cvebase