Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.IBM_RATIONAL_CLEARQUEST_7_1_2_8.NASL
HistoryNov 01, 2012 - 12:00 a.m.

IBM Rational ClearQuest 7.1.x < 7.1.2.8 / 8.0.0.x < 8.0.0.4 GSKit Spoofing (credentialed check)

2012-11-0100:00:00
This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.1%

JSON

The remote host has a version of IBM Rational ClearQuest 7.1.x prior to 7.1.2.8 / 8.0.0.x prior to 8.0.0.4 installed. It is, therefore, affected by a spoofing vulnerability related to the included Global Security Kit (GSKit) and certificate objects.

The GSKit does not enforce file integrity of the PKCS #12 files it uses and is vulnerable to SSL server spoofing because the insertion of arbitrary CA certificates is possible.

Note that deployments not using LDAP are not affected and that PKCS #12 is not the default format used by ClearQuest.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(62786);
  script_version("1.6");
  script_cvs_date("Date: 2019/12/04");

  script_cve_id("CVE-2012-2203");
  script_bugtraq_id(54743);

  script_name(english:"IBM Rational ClearQuest 7.1.x < 7.1.2.8 / 8.0.0.x < 8.0.0.4 GSKit Spoofing (credentialed check)");
  script_summary(english:"Checks the version of IBM Rational ClearQuest.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has software installed that is affected by a spoofing
vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote host has a version of IBM Rational ClearQuest 7.1.x prior
to 7.1.2.8 / 8.0.0.x prior to 8.0.0.4 installed. It is, therefore,
affected by a spoofing vulnerability related to the included Global
Security Kit (GSKit) and certificate objects.

The GSKit does not enforce file integrity of the PKCS #12 files it
uses and is vulnerable to SSL server spoofing because the insertion
of arbitrary CA certificates is possible.

Note that deployments not using LDAP are not affected and that PKCS
#12 is not the default format used by ClearQuest.");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21612036");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21612033");
  script_set_attribute(attribute:"solution", value:
"Upgrade to IBM Rational ClearQuest 7.1.2.8 / 8.0.0.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-2203");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/07/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/11/01");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:rational_clearquest");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ibm_rational_clearquest_installed.nasl");
  script_require_keys("installed_sw/IBM Rational ClearQuest", "Settings/ParanoidReport");

  exit(0);
}

include('ibm_rational_clearquest_version.inc');

rational_clearquest_check_version(
  fixes:make_nested_list(
    make_array("Min", "7.1.0.0", "Fix UI", "7.1.2.8", "Fix", "7.1208.0.124"),
    make_array("Min", "8.0.0.0", "Fix UI", "8.0.0.4", "Fix", "8.4.0.681")),
  severity:SECURITY_HOLE,
  paranoid:TRUE #only affects CQ installs using LDAP and PKCS #12 must be used
);
VendorProductVersionCPE
ibmrational_clearquestcpe:/a:ibm:rational_clearquest

Related

nvd 1
ibm 8
cvelist 1
prion 1
cve 1
nessus 3
nvd
nvd
CVE-2012-2203
2012-08-08 10:26:18
ibm
ibm
Security Bulletin: GSKit Trust Anchor vulnerability in Tivoli Directory Server (CVE-2012-2203)
2022-09-25 20:45:36
Security Bulletin: IBM Rational ClearQuest security vulnerability fixes for CVE-2012-2203
2018-06-17 04:40:45
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by multiple vulnerabilities in GSKit (CVE-2012-2203, CVE-2012-2191, CVE-2012-2190)
2022-09-25 22:39:39
cvelist
cvelist
CVE-2012-2203
2012-08-08 10:00:00
prion
prion
Format string
2012-08-08 10:26:00
cve
cve
CVE-2012-2203
2012-08-08 10:26:18
nessus
nessus
IBM WebSphere MQ 7.0 / 7.1 / 7.5 Global Security Toolkit Vulnerabilities
2012-11-29 00:00:00
IBM WebSphere MQ 7.1 / 7.5 Multiple Vulnerabilities
2012-11-29 00:00:00
IBM DB2 9.7 < Fix Pack 9 Multiple Vulnerabilities
2013-12-18 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.1%

JSON
Related for IBM_RATIONAL_CLEARQUEST_7_1_2_8.NASL
nvd1ibm8cvelist1prion1cve1nessus3