CVE-2014-3106

Published: Sep 23, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature.

Affected (44)

Products: Ibm: Rational Clearcase

Ibm

1 product

Rational Clearcase

Configuration A

44 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Clearcase	Version 7.1.0.1
Ibm Rational Clearcase	Version 7.1.0.2
Ibm Rational Clearcase	Version 7.1.1.1
Ibm Rational Clearcase	Version 7.1.1.2
Ibm Rational Clearcase	Version 7.1.1.3
Ibm Rational Clearcase	Version 7.1.1.4
Ibm Rational Clearcase	Version 7.1.1.5
Ibm Rational Clearcase	Version 7.1.1.6
Ibm Rational Clearcase	Version 7.1.1.7
Ibm Rational Clearcase	Version 7.1.1.8
Ibm Rational Clearcase	Version 7.1.1.9
Ibm Rational Clearcase	Version 7.1.1
Ibm Rational Clearcase	Version 7.1.2.10
Ibm Rational Clearcase	Version 7.1.2.11
Ibm Rational Clearcase	Version 7.1.2.12
Ibm Rational Clearcase	Version 7.1.2.13
Ibm Rational Clearcase	Version 7.1.2.14
Ibm Rational Clearcase	Version 7.1.2.1
Ibm Rational Clearcase	Version 7.1.2.2
Ibm Rational Clearcase	Version 7.1.2.3
Ibm Rational Clearcase	Version 7.1.2.4
Ibm Rational Clearcase	Version 7.1.2.5
Ibm Rational Clearcase	Version 7.1.2.6
Ibm Rational Clearcase	Version 7.1.2.7
Ibm Rational Clearcase	Version 7.1.2.9
Ibm Rational Clearcase	Version 7.1.2
Ibm Rational Clearcase	Version 7.1
Ibm Rational Clearcase	Version 8.0.0.10
Ibm Rational Clearcase	Version 8.0.0.11
Ibm Rational Clearcase	Version 8.0.0.1
Ibm Rational Clearcase	Version 8.0.0.2
Ibm Rational Clearcase	Version 8.0.0.3
Ibm Rational Clearcase	Version 8.0.0.4
Ibm Rational Clearcase	Version 8.0.0.5
Ibm Rational Clearcase	Version 8.0.0.6
Ibm Rational Clearcase	Version 8.0.0.7
Ibm Rational Clearcase	Version 8.0.0.8
Ibm Rational Clearcase	Version 8.0.0.9
Ibm Rational Clearcase	Version 8.0.1.1
Ibm Rational Clearcase	Version 8.0.1.2
Ibm Rational Clearcase	Version 8.0.1.3
Ibm Rational Clearcase	Version 8.0.1.4
Ibm Rational Clearcase	Version 8.0.1
Ibm Rational Clearcase	Version 8.0

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21682950

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/94313

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21682950

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/94313

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.