Lucene search
HistoryDec 29, 2010 - 6:00 p.m.
CVE-2010-4602
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.014
Percentile
86.3%
The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass “restricted user” limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark.
Affected configurations
Node
ibmrational_clearquestMatch7.1.1.1
ORibmrational_clearquestMatch7.1.1.2
ORibmrational_clearquestMatch7.1.1.3
ORibmrational_clearquestMatch7.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | rational_clearquest | 7.1.1.1 | cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:*:*:*:*:*:*:* |
| ibm | rational_clearquest | 7.1.1.2 | cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:*:*:*:*:*:*:* |
| ibm | rational_clearquest | 7.1.1.3 | cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:*:*:*:*:*:*:* |
| ibm | rational_clearquest | 7.1.2 | cpe:2.3:a:ibm:rational_clearquest:7.1.2:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2010-12-29 18:00:00
cve
cve
CVE-2010-4602
2010-12-29 18:00:03
cvelist
cvelist
CVE-2010-4602
2010-12-29 17:27:00
nessus
nessus
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.014
Percentile
86.3%
Related for NVD:CVE-2010-4602