Vulnerability Details CVE-2016-2922
IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X-Force ID: 113353.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.1%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
References
Products affected by CVE-2016-2922
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.0
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.1
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.10
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.11
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.12
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.13
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.14
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.15
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.16
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.17
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.18
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.19
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.2
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.20
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.21
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.3
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.4
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.5
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.6
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.7
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.8
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.9
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.0
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.1
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.10
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.11
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.12
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.13
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.14
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.15
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.16
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.17
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.2
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.3
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.4
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.5
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.6
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.7
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.8
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1.9
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.0
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.1
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.2
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.3
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.4
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.5
-
cpe:2.3:a:ibm:rational_clearquest:9.0.0.6
-
cpe:2.3:a:ibm:rational_clearquest:9.0.1.0
-
cpe:2.3:a:ibm:rational_clearquest:9.0.1.1
-
cpe:2.3:a:ibm:rational_clearquest:9.0.1.2
-
cpe:2.3:a:ibm:rational_clearquest:9.0.1.3