CVE-2008-5326

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
ibmrational_clearquest
7.0.0.0
ibmrational_clearquest
7.0.0.1
ibmrational_clearquest
7.0.0.2
ibmrational_clearquest
7.0.0.3
ibmrational_clearquest
7.0.1
ibmrational_clearquest
7.0.1.1
ibmrational_clearquest
7.0.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32847
http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
http://www.securityfocus.com/bid/32577
https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
http://secunia.com/advisories/32847
http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
http://www.securityfocus.com/bid/32577
https://exchange.xforce.ibmcloud.com/vulnerabilities/46994