CVE-2009-1292

Loading...

General

Score:2.1/10.0
Severity:Low
Category:Information Leak / Disclosure
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Published on 14/04/09 - Updated on 17/08/17

Description

UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2009-1292

Exploits

SecurityFocusBID-34483

Relative technologies

VendorProduct
ibmrational_clearcase

Share this vulnerability with:

Twitter Facebook LinkedIn Mail