IBM Rational ClearQuest 7.x < 7.1.2.7 Multiple Vulnerabilities (Credentialed Check)

NASLDB: IBM Rational ClearQuest 7.x < 7.1.2.7 Multiple Vulnerabilities (Credentialed Check)

General

ID: 61565
Name: IBM Rational ClearQuest 7.x < 7.1.2.7 Multiple Vulnerabilities (Credentialed Check)

Summary: Checks version of IBM Rational ClearQuest

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Port: –
Family: Windows
Type: Local

Description

The remote host has a version of IBM Rational ClearQuest 7.x prior to
version 7.1.2.7 installed, and is, therefore, affected by the following
vulnerabilities :

– A cross-site scripting vulnerability exists that could
be exploited by an attacker by tricking a victim into
opening a specially crafted report. (CVE-2012-2205)

– There is an information disclosure vulnerability that
could allow an attacker unauthorized access to password
information. (CVE-2012-2165)

– ClearQuest Web sometimes displays sensitive stack trace
information in error messages. (CVE-2012-2168)

– The ClearQuest Web Help component contains a reflected
cross-site scripting vulnerability. (CVE-2012-2161)

– Some scripts inside the ClearQuest Web Help application
are vulnerable to open redirect attacks. (CVE-2012-2159)

– The ClearQuest web client is subject to an elevated
privilege attack that may allow an attacker access to
the ‘Site Administration’ menu. (CVE-2012-2164)

– The ClearQuest web client file-upload functionality is
affected by a cross-site scripting vulnerability that
can be exploited by an authenticated user via the ‘File
Description’ field. (CVE-2012-2169)

– Attackers may be able to obtain potentially sensitive
information via a request to a ‘snoop’, ‘hello’, ‘ivt/’,
‘hitcount’, ‘HitCount.jsp’, ‘HelloHTMLError.jsp’,
‘HelloHTML.jsp’, ‘HelloVXMLError.jsp’,
‘HelloWMLError.jsp’, ‘HellowWML.jsp’ or
‘cqweb/j_security_check’ sample script. (CVE-2012-0744)