IBM.Rational.ClearQuest.Username.Parameter.SQL.Injection
Description
A SQL injection vulnerability in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.
Affected Products
IBM Rational ClearQuest versions 7.0.0.0 and 7.0.0.1 are vulnerable; other versions may also be affected.
Impact
SQL Injection.
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |