A Cross-Site Request Forgery (CSRF) Attack vulnerability exists in IBM Rational ClearQuest Web Client.
| Subscribe to My Notifications to be notified of important product support alerts like this.
CVE ID:CVE-2013-0598
Description:
An unspecified vulnerability in IBM Rational ClearQuest Web Client could allow an attacker to perform a Cross-Site Request Forgery (CSRF) Attack. A CSRF Attack may trick the user’s web browser to perform an unwanted action.
CVSS Base Score: 3.5 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/83611> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:M/AU:S/C:N/I:P/A:N)
Rational ClearQuest Web 7.1 through 7.1.2.10, 8.0 through 8.0.0.7, and 8.0.1
Upgrade to one of the below versions of IBM Rational ClearQuest:
Workaround: None
Mitigation: Do not visit malicious sites or click on malicious links.