CVE-2008-5326

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2008-5326
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.

4.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/32847 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938 Patch Vendor Advisory
http://www.securityfocus.com/bid/32577
https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
OR cpe:2.3:a:ibm:rational_clearquest:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.0.0.2:*:*:*:*:*:*:*
Information

Published : 2008-12-04 16:30

Updated : 2017-08-07 18:33

NVD link : CVE-2008-5326

Mitre link : CVE-2008-5326

JSON object : View

CWE
CWE-255

Credentials Management Errors

Advertisement

dedicated server usa
Products Affected

microsoft

  • windows

ibm

  • rational_clearquest