CVE-2008-5326

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.

Published: Dec 5, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5326
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
ibm / rational_clearquest	7.0.0.0	7.0.0.0.x
ibm / rational_clearquest	7.0.0.1	7.0.0.1.x
ibm / rational_clearquest	7.0.0.2	7.0.0.2.x
ibm / rational_clearquest	7.0.0.3	7.0.0.3.x
ibm / rational_clearquest	7.0.1	7.0.1.x
ibm / rational_clearquest	7.0.1.1	7.0.1.1.x
ibm / rational_clearquest	7.0.1.2	7.0.1.2.x

http://secunia.com/advisories/32847
http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938
http://www.securityfocus.com/bid/32577
https://exchange.xforce.ibmcloud.com/vulnerabilities/46994

Vulnerability Database

289,871

CVE-2008-5326