5

CVE-2008-1288

IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or remote attackers to obtain sensitive information about users by reading user cookies.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmRational Clearquest Version7.0.0.2
IbmRational Clearquest Version7.0.1.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.44% 0.698
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://secunia.com/advisories/29280
Vendor Advisory
http://www.vupen.com/english/advisories/2008/0804/references
http://www-1.ibm.com/support/docview.wss?uid=swg1PK55753
Patch
http://www.securityfocus.com/bid/28133
Patch
http://www.securitytracker.com/id?1019567
https://exchange.xforce.ibmcloud.com/vulnerabilities/41043