CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.3%
SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | rational_clearquest | 7.0.0.0 | cpe:2.3:a:ibm:rational_clearquest:7.0.0.0:*:*:*:*:*:*:* |
ibm | rational_clearquest | 7.0.0.1 | cpe:2.3:a:ibm:rational_clearquest:7.0.0.1:*:*:*:*:*:*:* |