CVE-2010-4600

EPSS 0.23%
Veröffentlicht 29.12.2010 18:00:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dojofoundation ≫ Dojo Toolkit

Ibm ≫ Rational Clearquest Version7.1.1.1

Ibm ≫ Rational Clearquest Version7.1.1.2

Ibm ≫ Rational Clearquest Version7.1.1.3

Ibm ≫ Rational Clearquest Version7.1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.433

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1.1.4-RATL-RCQ.ux.readme

http://secunia.com/advisories/42624

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1PM15146

https://nvd.nist.gov/vuln/detail/CVE-2010-4600

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-4600

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-4600

EUVD