Vulnerability Details CVE-2008-5326
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.7%
CVSS Severity
CVSS v2 Score 4.4
References
- http://secunia.com/advisories/32847
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
- http://www.securityfocus.com/bid/32577
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
- http://secunia.com/advisories/32847
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
- http://www.securityfocus.com/bid/32577
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
Products affected by CVE-2008-5326
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.0
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.1
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.2
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.3
-
cpe:2.3:a:ibm:rational_clearquest:7.0.1
-
cpe:2.3:a:ibm:rational_clearquest:7.0.1.1
-
cpe:2.3:a:ibm:rational_clearquest:7.0.1.2
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista