Vulnerabilities > IBM > Rational Clearquest

DATE CVE VULNERABILITY TITLE RISK
2024-07-17 CVE-2024-28796 Unspecified vulnerability in IBM Rational Clearquest
IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
2018-08-13 CVE-2016-2922 Improper Certificate Validation vulnerability in IBM Rational Clearquest
IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname.
network
high complexity
ibm CWE-295
5.9
2018-04-20 CVE-2014-0950 XXE vulnerability in IBM Rational Clearquest
Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data.
network
low complexity
ibm CWE-611
7.1
2016-01-02 CVE-2015-4996 Information Exposure vulnerability in IBM Rational Clearquest
IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors.
local
high complexity
ibm CWE-200
5.1