← back
CVE-2009-4357

CVE-2009-4357

EPSS 1.1%
CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/37811http://securitytracker.com/id?1023370http://www-01.ibm.com/support/docview.wss?uid=swg1PK86377http://www.securityfocus.com/bid/37385http://www.vupen.com/english/advisories/2009/3580