Back-reference Field Modification Vulnerability in IBM Rational ClearQuest

Back-reference Field Modification Vulnerability in IBM Rational ClearQuest

CVE-2010-4603 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 does not prevent modification of back-reference fields, which allows remote authenticated users to interfere with intended record relationships, and possibly cause a denial of service (loop) or have unspecified other impact, by (1) adding or (2) removing a back reference.

Learn more about our User Device Pen Test.