Vulnerabilities > IBM > Rational Clearcase > 7.1.1.1

DATE CVE VULNERABILITY TITLE RISK
2018-04-20 CVE-2014-0931 XXE vulnerability in IBM Rational Clearcase
Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through 7.1.2.13, 8.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data.
network
low complexity
ibm CWE-611
critical
9.1
2018-03-26 CVE-2015-5039 Cryptographic Issues vulnerability in IBM Rational Clearcase
The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 8.0.0.18, and 8.0.1.x before 8.0.1.11 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate.
network
high complexity
ibm CWE-310
7.4