Required CVE Record Information
Description
CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.
References 5 Total
- securitytracker.com: 1023370 vdb-entry
- securityfocus.com: 37385 vdb-entry
- secunia.com: 37811 third-party-advisory
- www-01.ibm.com: PK86377 vendor-advisory
- vupen.com: ADV-2009-3580 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- securitytracker.com: 1023370 vdb-entryx_transferred
- securityfocus.com: 37385 vdb-entryx_transferred
- secunia.com: 37811 third-party-advisoryx_transferred
- www-01.ibm.com: PK86377 vendor-advisoryx_transferred
- vupen.com: ADV-2009-3580 vdb-entryx_transferred