CVE-2012-4839

medium

Description

The OSLC interface in the Web Client (aka CQ Web) in IBM Rational ClearQuest 7.1.2.x before 7.1.2.9 and 8.0.0.x before 8.0.0.5 allows remote attackers to conduct phishing attacks via a FRAME element.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/79068

http://www.securitytracker.com/id?1027889

http://www-01.ibm.com/support/docview.wss?uid=swg21620342

Details

Source: Mitre, NVD

Published: 2012-12-20

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N