CVE-2012-2164

The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.

Published: Aug 17, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-2164
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.5
AV:N/AC:L/Au:S/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ibm / rational_clearquest	7.1.1.6	7.1.1.6.x
ibm / rational_clearquest	7.1.2.2	7.1.2.2.x
ibm / rational_clearquest	7.1.2.1	7.1.2.1.x
ibm / rational_clearquest	7.1.2.6	7.1.2.6.x
ibm / rational_clearquest	7.1.1.5	7.1.1.5.x
ibm / rational_clearquest	7.1.2	7.1.2.x
ibm / rational_clearquest	7.1.2.3	7.1.2.3.x
ibm / rational_clearquest	7.1.1.1	7.1.1.1.x
ibm / rational_clearquest	7.1.1.4	7.1.1.4.x
ibm / rational_clearquest	7.1.1.3	7.1.1.3.x
ibm / rational_clearquest	7.1.1.2	7.1.1.2.x
ibm / rational_clearquest	7.1.2.5	7.1.2.5.x
ibm / rational_clearquest	7.1.1.8	7.1.1.8.x
ibm / rational_clearquest	7.1.2.4	7.1.2.4.x
ibm / rational_clearquest	7.1.1.7	7.1.1.7.x
ibm / rational_clearquest	8.0	8.0.x
ibm / rational_clearquest	8.0.0.1	8.0.0.1.x
ibm / rational_clearquest	8.0.0.2	8.0.0.2.x

Vulnerability Database

289,871

CVE-2012-2164