CVE-2012-2164

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
ibmrational_clearquest
7.1.1.1
ibmrational_clearquest
7.1.1.2
ibmrational_clearquest
7.1.1.3
ibmrational_clearquest
7.1.1.4
ibmrational_clearquest
7.1.1.5
ibmrational_clearquest
7.1.1.6
ibmrational_clearquest
7.1.1.7
ibmrational_clearquest
7.1.1.8
ibmrational_clearquest
7.1.2
ibmrational_clearquest
7.1.2.1
ibmrational_clearquest
7.1.2.2
ibmrational_clearquest
7.1.2.3
ibmrational_clearquest
7.1.2.4
ibmrational_clearquest
7.1.2.5
ibmrational_clearquest
7.1.2.6
ibmrational_clearquest
8.0
ibmrational_clearquest
8.0.0.1
ibmrational_clearquest
8.0.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PM62735
http://www.ibm.com/support/docview.wss?uid=swg21606318
https://exchange.xforce.ibmcloud.com/vulnerabilities/75039
http://www-01.ibm.com/support/docview.wss?uid=swg1PM62735
http://www.ibm.com/support/docview.wss?uid=swg21606318
https://exchange.xforce.ibmcloud.com/vulnerabilities/75039