Vulnerabilities > CVE-2008-5326 - Credentials Management vulnerability in IBM Rational Clearquest
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Application | 7 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/32847
- http://secunia.com/advisories/32847
- http://www.securityfocus.com/bid/32577
- http://www.securityfocus.com/bid/32577
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994