Vulnerability Details CVE-2008-5326
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 19.1%
CVSS Severity
CVSS v2 Score 4.4
References
- http://secunia.com/advisories/32847
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
- http://www.securityfocus.com/bid/32577
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
- http://secunia.com/advisories/32847
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
- http://www.securityfocus.com/bid/32577
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
Products affected by CVE-2008-5326
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.0
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.1
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.2
-
cpe:2.3:a:ibm:rational_clearquest:7.0.0.3
-
cpe:2.3:a:ibm:rational_clearquest:7.0.1
-
cpe:2.3:a:ibm:rational_clearquest:7.0.1.1
-
cpe:2.3:a:ibm:rational_clearquest:7.0.1.2
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista