Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X-Force ID: 113353.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Rational ClearQuest 安全漏洞
Vulnerability Description
IBM Rational ClearQuest是美国IBM公司的一套应用程序生命周期管理 (ALM) 软件。该软件为应用程序提供缺陷跟踪、流程定制、实时报告等,从而提高开发周期的可视性和可控性。 IBM Rational ClearQuest(Web/CQ OSLC server/CM Server和EmailRelay组件)中存在安全漏洞,该漏洞源于程序未能检查SSL证书中被请求的主机名。攻击者可借助伪造的服务器利用该漏洞实施中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A