Lucene search

MitreCVELIST:CVE-2009-4357

HistoryDec 18, 2009 - 7:00 p.m.

CVE-2009-4357

2009-12-1819:00:00

mitre

www.cve.org

ibm rational clearquest

web interface

security issue

legacy urls

automatic login

user accounts

AI Score

6.4

Confidence

Low

EPSS

0.002

Percentile

55.5%

JSON

CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.

References

secunia.com/advisories/37811

securitytracker.com/id?1023370

www-01.ibm.com/support/docview.wss?uid=swg1PK86377

www.securityfocus.com/bid/37385

www.vupen.com/english/advisories/2009/3580