Vulnerabilities > CVE-2008-5326 - Credentials Management vulnerability in IBM Rational Clearquest

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
microsoft
ibm
CWE-255
NVD
Published: 2008-12-05
Updated: 2017-08-08

Summary

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.

Vulnerable Configurations

Part Description Count
OS
Microsoft
1
Application
Ibm
7

Common Weakness Enumeration (CWE)

References