IBM Rational ClearQuest 7.x < 7.1.2.7 / 8.0.0.x < 8.0.0.3 Multiple Vulnerabilities (credentialed check)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote host has software installed that is affected by multiple
vulnerabilities.

Description :

The remote host has a version of IBM Rational ClearQuest 7.x prior to
7.1.2.7 / 8.0.0.x prior to 8.0.0.3 installed. It is, therefore,
affected by the following vulnerabilities :

- A cross-site scripting vulnerability exists that can
be exploited by an attacker by tricking a victim into
opening a specially crafted report. (CVE-2012-2205)

- An information disclosure vulnerability exists that
allows an attacker unauthorized access to password
information. (CVE-2012-2165)

- ClearQuest Web sometimes displays sensitive stack trace
information in error messages. (CVE-2012-2168)

- The ClearQuest Web Help component contains a reflected
cross-site scripting vulnerability. (CVE-2012-2161)

- Some scripts inside the ClearQuest Web Help application
are vulnerable to open redirect attacks. (CVE-2012-2159)

- The ClearQuest web client is subject to an elevated
privilege attack that allows an attacker access to the
'Site Administration' menu. (CVE-2012-2164)

- The ClearQuest web client file-upload functionality is
affected by a cross-site scripting vulnerability that
can be exploited by an authenticated user via the 'File
Description' field. (CVE-2012-2169)

- Attackers can obtain potentially sensitive information
via a request to a 'snoop', 'hello', 'ivt/', 'hitcount',
'HitCount.jsp', 'HelloHTMLError.jsp', 'HelloHTML.jsp',
'HelloVXMLError.jsp', 'HelloWMLError.jsp',
'HelloWML.jsp' or 'cqweb/j_security_check' sample
script. (CVE-2012-0744)
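The version logic of a credentialed check like this one, written out as an added example (this is not Tenable's plugin code): a version is flagged only when it sits inside one of the two affected branches stated above, so 7.1.2.7 and 8.0.0.3 are clean, and a branch the advisory does not mention (for instance 8.0.1.x) is reported as not covered rather than guessed at. The four-component padding and the sample version strings are assumptions for illustration.

```python
"""Version-range check mirroring the advisory text (added example, not
Tenable's plugin). Affected: 7.x < 7.1.2.7 and 8.0.0.x < 8.0.0.3."""
from typing import List, Optional, Tuple

# (branch prefix that must match, first fixed version in that branch),
# constructed from the ranges in the advisory above.
AFFECTED_BRANCHES: List[Tuple[Tuple[int, ...], Tuple[int, ...]]] = [
    ((7,), (7, 1, 2, 7)),
    ((8, 0, 0), (8, 0, 0, 3)),
]


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '7.1.2.6' into (7, 1, 2, 6). Short strings are padded with
    zeros ('7.1' -> 7.1.0.0) and anything past four components is ignored,
    so comparisons are always between same-length tuples."""
    parts = [int(p) for p in text.strip().split(".")]
    if not parts or any(p < 0 for p in parts):
        raise ValueError(f"bad version string: {text!r}")
    return tuple(parts + [0] * (4 - len(parts)))[:4]


def fixed_version_for(version: str) -> Optional[str]:
    """Return the first fixed version if `version` is in an affected range,
    otherwise None (already fixed, or a branch this advisory does not cover)."""
    v = parse_version(version)
    for prefix, fixed in AFFECTED_BRANCHES:
        # Branch match first, then a plain tuple comparison against the fix.
        if v[: len(prefix)] == prefix and v < fixed:
            return ".".join(str(n) for n in fixed)
    return None


def report(installed: str) -> str:
    """One-line finding in the style of a plugin's output."""
    fix = fixed_version_for(installed)
    if fix is None:
        return f"ClearQuest {installed}: not affected by this advisory"
    return f"ClearQuest {installed}: affected, upgrade to {fix} or later"


if __name__ == "__main__":
    # Constructed sample versions covering both branches and their edges.
    for sample in ("7.1.2.6", "7.1.2.7", "8.0.0.2", "8.0.0.3", "8.0.1.0", "7.0"):
        print(report(sample))
```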

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21606319
http://www-01.ibm.com/support/docview.wss?uid=swg21606385
http://www-01.ibm.com/support/docview.wss?uid=swg21605840
http://www-01.ibm.com/support/docview.wss?uid=swg21605839
http://www-01.ibm.com/support/docview.wss?uid=swg21605838
http://www-01.ibm.com/support/docview.wss?uid=swg21606318

Solution :

Upgrade to IBM Rational ClearQuest 7.1.2.7 / 8.0.0.3 or later.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true
