Lucene search

IbmCVE-2014-6134

HistoryMar 25, 2015 - 1:59 a.m.

CVE-2014-6134

2015-03-2501:59:03

CWE-200

ibm

web.nvd.nist.gov

ibm

rational clearcase

installation manager

security

passwords

memory

vulnerability

cve-2014-6134

CVSS2

1.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account.

Affected configurations

Nvd

Node

ibminstallation_managerRange≤1.8.1.0

Node

ibmrational_clearcaseMatch8.0.0

ibmrational_clearcaseMatch8.0.0.1

ibmrational_clearcaseMatch8.0.0.2

ibmrational_clearcaseMatch8.0.0.3

ibmrational_clearcaseMatch8.0.0.4

ibmrational_clearcaseMatch8.0.0.5

ibmrational_clearcaseMatch8.0.0.6

ibmrational_clearcaseMatch8.0.0.7

ibmrational_clearcaseMatch8.0.0.8

ibmrational_clearcaseMatch8.0.0.9

ibmrational_clearcaseMatch8.0.0.10

ibmrational_clearcaseMatch8.0.0.11

ibmrational_clearcaseMatch8.0.0.12

ibmrational_clearcaseMatch8.0.0.13

ibmrational_clearcaseMatch8.0.1

ibmrational_clearcaseMatch8.0.1.1

ibmrational_clearcaseMatch8.0.1.2

ibmrational_clearcaseMatch8.0.1.3

ibmrational_clearcaseMatch8.0.1.4

ibmrational_clearcaseMatch8.0.1.5

ibmrational_clearcaseMatch8.0.1.6

VendorProductVersionCPE
ibminstallation_manager*cpe:2.3:a:ibm:installation_manager:*:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0cpe:2.3:a:ibm:rational_clearcase:8.0.0:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.1cpe:2.3:a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.2cpe:2.3:a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.3cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.4cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.5cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.6cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.7cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*
ibmrational_clearcase8.0.0.8cpe:2.3:a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	installation_manager	*	cpe:2.3:a:ibm:installation_manager::::::::
ibm	rational_clearcase	8.0.0	cpe:2.3:a:ibm:rational_clearcase:8.0.0:::::::*
ibm	rational_clearcase	8.0.0.1	cpe:2.3:a:ibm:rational_clearcase:8.0.0.1:::::::*
ibm	rational_clearcase	8.0.0.2	cpe:2.3:a:ibm:rational_clearcase:8.0.0.2:::::::*
ibm	rational_clearcase	8.0.0.3	cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:::::::*
ibm	rational_clearcase	8.0.0.4	cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:::::::*
ibm	rational_clearcase	8.0.0.5	cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:::::::*
ibm	rational_clearcase	8.0.0.6	cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:::::::*
ibm	rational_clearcase	8.0.0.7	cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:::::::*
ibm	rational_clearcase	8.0.0.8	cpe:2.3:a:ibm:rational_clearcase:8.0.0.8:::::::*

Rows per page:

1-10 of 221

References

www-01.ibm.com/support/docview.wss?uid=swg21688450

CVSS2

1.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2014-6134