← volver
CVE-2016-2922

CVE-2016-2922

CVSS 3.7 LOWEPSS 0.7%
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 3.7EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 ago 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X-Force ID: 113353.
CVSS:3.0/A:N/AC:H/AV:N/C:L/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O
Productos afectados
IBM · Rational ClearQuest