Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Rational ClearQuest Web组件安全漏洞
Vulnerability Description
IBM Rational ClearQuest是美国IBM公司的一套应用程序生命周期管理 (ALM) 软件。该软件为应用程序提供缺陷跟踪、流程定制、实时报告等,从而提高开发周期的可视性和可控性。 IBM Rational ClearQuest中的Web组件中存在安全漏洞,该漏洞源于在https会话中,程序没有为会话cookie设置安全标志。远程攻击者可通过在http会话中拦截传输利用该漏洞获取cookie。以下版本受到影响:IBM Rational ClearQuest 7.1.2.15之前7.1版本,8
CVSS Information
N/A
Vulnerability Type
N/A