CVE-2012-2164 in Rational ClearQuestinfo

Summary

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/04/2012

Disclosure

08/17/2012

Moderation

VulDB entry created

Entries

VDB-61679 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

5.4

EPSS

0.00154

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2164
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2164
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2164/

◂ Previous Overview Next ▸