Security bypass vulnerability in web client in IBM Rational ClearQuest via a parameter-tampering attackID: oval:org.secpod.oval:def:7049 | Date: (C)2012-10-02 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with IBM Rational ClearQuest 7.1.x through 7.1.2.7 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly validate user credentials. Successful exploitation could allow attackers to gain access to the Site Administration menu to obtain sensitive information or modify server settings.
Platform: |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Product: |
IBM Rational ClearQuest |