CVE-2012-2164
Published Aug 17, 2012
Last updated 7 years ago
Overview
- Description
- The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.5
- Impact score
- 4.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AB4DB93-26A7-4B5E-ACF5-B8D95AC31566"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F74EBAA-8A68-4F20-B14D-D1A77D57BC38"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10A1A052-179D-411F-A214-EF2AF7E5F0F5"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "230908F8-95CB-4273-BA32-0987145E5FDD"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57CB4AA1-354B-4EC4-8D70-F58654ABF9CB"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1766896-6D35-44CB-8512-AED3961CE224"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64BC2E3D-4B20-46FF-B2B5-551BEB347FCC"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51B69987-F426-4D27-A721-067B978BEB78"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0201EFB5-9673-4C78-938A-C7BF769F5553"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F1C1C0A-B403-44C5-B7BD-BC9466CB2848"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0A7179A-2421-454C-8A58-EFB1BB7150BC"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FEA9B29-2A30-46D1-B778-CE7822CEA972"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "941C4C5A-DD11-436B-86D4-BC564E9C6B57"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E538615-12E6-4CDF-8B32-A66CD35D98AE"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:7.1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F31399A6-5B53-46C1-B4CB-858360CFF133"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A482D76-5CEA-4BFC-9837-AC451DBD1ACE"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:8.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A51113A6-1744-47E6-8245-C0E33D39C789"
},
{
"criteria": "cpe:2.3:a:ibm:rational_clearquest:8.0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33437FA1-E122-43BB-B347-AACD9C9295D6"
}
],
"operator": "OR"
}
]
}
]