CVE-2010-4602

The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark.

Date published: 2010-12-29

http://www-01.ibm.com/support/docview.wss?uid=swg1PM20172

http://www.securityfocus.com/bid/45646