IBM Rational ClearQuest 7.1.x < 126.96.36.199 / 8.0.0.x < 188.8.131.52 / 8.0.1.x < 184.108.40.206 Multiple Vulnerabilities (credentialed check)
Medium Nessus Plugin ID 81780
SynopsisThe remote host has software installed that is affected by multiple vulnerabilities.
DescriptionThe remote host has a version of IBM Rational ClearQuest 7.1.x prior to 220.127.116.11 / 8.0.0.x prior to 18.104.22.168 / 8.0.1.x prior to 22.214.171.124 installed. It is, therefore, potentially affected by multiple vulnerabilities :
- An unspecified cross-site request forgery (CSRF) vulnerability exists. (CVE-2013-0598)
- An unspecified vulnerability allows for an attacker to perform JSON hijacking attacks. (CVE-2013-3041)
Note that these vulnerabilities only affect the Web Client component.
SolutionUpgrade to IBM Rational ClearQuest 126.96.36.199/ 188.8.131.52 / 184.108.40.206 or later.