Skip to main content

CVE-2010-4603

Severity Medium
Score 6.5/10

Summary

IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 does not prevent modification of back-reference fields, which allows remote authenticated users to interfere with intended record relationships, and possibly cause a denial of service (loop) or have unspecified other impact, by (1) adding or (2) removing a back reference.

  • LOW
  • NETWORK
  • SINGLE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published