Ibm: >> Rational Clearcase >> 7.0.0.2 Security Vulnerabilities
CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2009-12-18
UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.
CVSS Score
2.1
EPSS Score
0.001
Published
2009-04-14