CSRF in Ibm Rational_clearquest
CVE-2014-8925
Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 allows remote attackers to hijack the authentication of arbitrary users…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (28.8th percentile) — read the EPSS interpretation.
Affected products
- Ibm Rational_clearquest — versions 7.1, 7.1.0.1, 7.1.0.2
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)