Vulnerabilities > IBM > Rational Clearquest > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-14 | CVE-2011-1390 | SQL Injection vulnerability in IBM Rational Clearquest SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1.9, 7.1.2.x before 7.1.2.6, and 8.x before 8.0.0.2 allows remote attackers to execute arbitrary SQL commands by leveraging an error in the user-database upgrade feature. | 7.5 |
2010-06-30 | CVE-2010-2517 | Security vulnerability in IBM Rational ClearQuest Multiple unspecified vulnerabilities in IBM Rational ClearQuest before 7.1.1.02 have unknown impact and attack vectors, as demonstrated by an AppScan report. | 7.5 |
2008-12-05 | CVE-2008-5329 | Denial-Of-Service vulnerability in Rational ClearQuest ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTLRMIREGISTRYSERVERS line in a jtl.properties file. | 7.5 |
2007-08-15 | CVE-2007-4368 | SQL Injection vulnerability in IBM Rational Clearquest 7.0.0.0/7.0.0.1 SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. | 7.5 |