Vulnerability Description
IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 does not prevent modification of back-reference fields, which allows remote authenticated users to interfere with intended record relationships, and possibly cause a denial of service (loop) or have unspecified other impact, by (1) adding or (2) removing a back reference.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Rational Clearquest | 7.0 |
References
- ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM22186
- http://www-01.ibm.com/support/docview.wss?uid=swg21125139
- http://www.securityfocus.com/bid/45648
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64439
- ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM22186
- http://www-01.ibm.com/support/docview.wss?uid=swg21125139
- http://www.securityfocus.com/bid/45648
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64439
FAQ
What is CVE-2010-4603?
CVE-2010-4603 is a vulnerability with a CVSS score of 6.5 (MEDIUM). IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 does not prevent modification of back-reference fields, which allows remote authenticated users to int...
How severe is CVE-2010-4603?
CVE-2010-4603 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4603?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Rational Clearquest.