Vulnerability Details CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 45.6%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM88185
- http://www-01.ibm.com/support/docview.wss?uid=swg21648665
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83611
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM88185
- http://www-01.ibm.com/support/docview.wss?uid=swg21648665
- https://exchange.xforce.ibmcloud.com/vulnerabilities/83611
Products affected by CVE-2013-0598
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.1
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.2
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.3
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.4
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.5
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.6
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.7
-
cpe:2.3:a:ibm:rational_clearquest:7.1.1.8
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.1
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.10
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.11
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.2
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.3
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.4
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.5
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.6
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.7
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.8
-
cpe:2.3:a:ibm:rational_clearquest:7.1.2.9
-
cpe:2.3:a:ibm:rational_clearquest:8.0
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.1
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.2
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.3
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.4
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.5
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.6
-
cpe:2.3:a:ibm:rational_clearquest:8.0.0.7
-
cpe:2.3:a:ibm:rational_clearquest:8.0.1