Vulnerability Description
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows | All versions |
| Ibm | Rational Clearquest | 7.0.0.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32847Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938PatchVendor Advisory
- http://www.securityfocus.com/bid/32577
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
- http://secunia.com/advisories/32847Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK30938PatchVendor Advisory
- http://www.securityfocus.com/bid/32577
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46994
FAQ
What is CVE-2008-5326?
CVE-2008-5326 is a vulnerability with a CVSS score of 4.4 (MEDIUM). The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password...
How severe is CVE-2008-5326?
CVE-2008-5326 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5326?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows, Ibm Rational Clearquest.