GCVE - cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*

part: a version: 8.0.0.5 update: *

Vendor	Ibm (`177c0602-9232-5933-8f2f-9d22f079d22d`)
Product	Rational Clearcase (`d59df164-0934-5cf8-9d35-3a523e1e66b6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-6221`	vulnerable	2026-06-03 14:34:13.146582	Details available The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ClearCase 7.1.2.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 does not properly generate random numbers, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. Published: 2015-04-06T00:00:00.000Z Updated: 2024-08-06T12:10:12.940Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21698893 http://www.securityfocus.com/bid/73915 http://www.securitytracker.com/id/1032026	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-6134`	vulnerable	2026-06-03 14:34:12.765570	Details available IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account. Published: 2015-03-25T01:00:00.000Z Updated: 2024-08-06T12:10:12.046Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21688450	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3106`	vulnerable	2026-06-03 14:33:53.143180	Details available IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism, which allows remote attackers to bypass authentication and read files via the Help Server Administration feature. Published: 2014-09-23T21:00:00.000Z Updated: 2024-08-06T10:35:56.954Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21682950 https://exchange.xforce.ibmcloud.com/vulnerabilities/94313	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3105`	vulnerable	2026-06-03 14:33:53.141961	Details available The OSLC integration feature in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of requests. Published: 2014-09-23T21:00:00.000Z Updated: 2024-08-06T10:35:56.347Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21682949 https://exchange.xforce.ibmcloud.com/vulnerabilities/94312	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3104`	vulnerable	2026-06-03 14:33:53.140771	Details available IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. Published: 2014-09-23T21:00:00.000Z Updated: 2024-08-06T10:35:55.935Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21682942 https://exchange.xforce.ibmcloud.com/vulnerabilities/94311	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3103`	vulnerable	2026-06-03 14:33:53.139501	Details available The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. Published: 2014-09-23T21:00:00.000Z Updated: 2024-08-06T10:35:56.666Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21682947 https://exchange.xforce.ibmcloud.com/vulnerabilities/94270	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3101`	vulnerable	2026-06-03 14:33:53.133102	Details available The login form in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not insert a delay after a failed authentication attempt, which makes it easier for remote attackers to obtain access via a brute-force attack. Published: 2014-09-23T20:00:00.000Z Updated: 2024-08-06T10:35:56.925Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/94268 http://www-01.ibm.com/support/docview.wss?uid=swg21682946 http://www.securitytracker.com/id/1030884	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3090`	vulnerable	2026-06-03 14:33:53.041564	Details available IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. Published: 2014-09-23T20:00:00.000Z Updated: 2024-08-06T10:35:55.644Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/94256 http://www.securityfocus.com/bid/69964 http://www.securitytracker.com/id/1030883 http://www-01.ibm.com/support/docview.wss?uid=swg21677285	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-0829`	vulnerable	2026-06-03 14:33:39.886277	Details available Multiple buffer overflows in IBM Rational ClearCase 7.x before 7.1.2.13, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.3 allow remote authenticated users to obtain privileged access via unspecified vectors. Published: 2014-03-21T10:00:00.000Z Updated: 2024-08-06T09:27:20.140Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?&uid=swg21662086 http://www.securityfocus.com/bid/66339 https://exchange.xforce.ibmcloud.com/vulnerabilities/90568	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5422`	vulnerable	2026-06-03 14:33:21.358835	Details available The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2, when a multi-database dataset exists, allows remote attackers to read database names via unspecified vectors. Published: 2013-12-19T22:00:00.000Z Updated: 2024-08-06T17:06:52.481Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg1PM97698 https://exchange.xforce.ibmcloud.com/vulnerabilities/87484 http://www-01.ibm.com/support/docview.wss?uid=swg21660036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5416`	vulnerable	2026-06-03 14:33:21.342343	Details available Unspecified vulnerability in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unknown vectors. Published: 2013-12-18T11:00:00.000Z Updated: 2024-08-06T17:06:52.581Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21657982 https://exchange.xforce.ibmcloud.com/vulnerabilities/87478	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5415`	vulnerable	2026-06-03 14:33:21.339373	Details available Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unspecified vectors. Published: 2013-12-18T11:00:00.000Z Updated: 2024-08-06T17:06:52.523Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21657982 https://exchange.xforce.ibmcloud.com/vulnerabilities/87477	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5373`	vulnerable	2026-06-03 14:33:21.155750	Details available The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands. Published: 2013-09-25T10:00:00.000Z Updated: 2024-08-06T17:06:52.368Z Open on db.gcve.eu Reference links http://www-01.ibm.com/support/docview.wss?uid=swg21648811 https://exchange.xforce.ibmcloud.com/vulnerabilities/86791	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.