2017-10-16 12:31:07 -04:00
{
2018-08-13 12:05:30 -04:00
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com" ,
"DATE_PUBLIC" : "2018-08-09T00:00:00" ,
"ID" : "CVE-2016-2922" ,
"STATE" : "PUBLIC"
2017-10-16 12:31:07 -04:00
} ,
2018-08-13 11:03:42 -04:00
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
2018-08-13 12:05:30 -04:00
"product_name" : "Rational ClearQuest" ,
2018-08-13 11:03:42 -04:00
"version" : {
"version_data" : [
{
"version_value" : "8.0"
} ,
{
"version_value" : "8.0.0.1"
} ,
{
"version_value" : "8.0.0.2"
} ,
{
"version_value" : "8.0.0.3"
} ,
{
"version_value" : "8.0.0.4"
} ,
{
"version_value" : "8.0.0.5"
} ,
{
"version_value" : "8.0.0.6"
} ,
{
"version_value" : "8.0.0.7"
} ,
{
"version_value" : "8.0.1"
} ,
{
"version_value" : "8.0.0.8"
} ,
{
"version_value" : "8.0.1.1"
} ,
{
"version_value" : "8.0.0.9"
} ,
{
"version_value" : "8.0.0.10"
} ,
{
"version_value" : "8.0.0.11"
} ,
{
"version_value" : "8.0.1.2"
} ,
{
"version_value" : "8.0.1.3"
} ,
{
"version_value" : "8.0.1.4"
} ,
{
"version_value" : "8.0.0.12"
} ,
{
"version_value" : "8.0.1.5"
} ,
{
"version_value" : "8.0.0.13"
} ,
{
"version_value" : "8.0.1.6"
} ,
{
"version_value" : "8.0.0.14"
} ,
{
"version_value" : "8.0.1.7"
} ,
{
"version_value" : "8.0.0.15"
} ,
{
"version_value" : "8.0.1.8"
} ,
{
"version_value" : "8.0.0.16"
} ,
{
"version_value" : "8.0.1.9"
} ,
{
"version_value" : "8.0.0.17"
} ,
{
"version_value" : "8.0.1.10"
} ,
{
"version_value" : "8.0.0.18"
} ,
{
"version_value" : "8.0.1.11"
} ,
{
"version_value" : "9.0"
} ,
{
"version_value" : "9.0.0.1"
} ,
{
"version_value" : "8.0.0.19"
} ,
{
"version_value" : "8.0.1.12"
} ,
{
"version_value" : "9.0.0.2"
} ,
{
"version_value" : "8.0.0.20"
} ,
{
"version_value" : "8.0.1.13"
} ,
{
"version_value" : "9.0.0.3"
} ,
{
"version_value" : "8.0.0.21"
} ,
{
"version_value" : "8.0.1.14"
} ,
{
"version_value" : "9.0.0.4"
} ,
{
"version_value" : "9.0.1"
} ,
{
"version_value" : "8.0.1.15"
} ,
{
"version_value" : "9.0.0.5"
} ,
{
"version_value" : "9.0.1.1"
} ,
{
"version_value" : "8.0.1.16"
} ,
{
"version_value" : "9.0.0.6"
} ,
{
"version_value" : "9.0.1.2"
} ,
{
"version_value" : "8.0.1.17"
} ,
{
"version_value" : "9.0.1.3"
}
]
2018-08-13 12:05:30 -04:00
}
2018-08-13 11:03:42 -04:00
}
]
} ,
"vendor_name" : "IBM"
}
]
}
} ,
2018-08-13 12:05:30 -04:00
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
2017-10-16 12:31:07 -04:00
"description" : {
"description_data" : [
{
2018-08-13 12:05:30 -04:00
"lang" : "eng" ,
"value" : "IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. It is subject to a man-in-the-middle attack with an impersonating server observing all the data transmitted to the real server. IBM X-Force ID: 113353."
2017-10-16 12:31:07 -04:00
}
]
2018-08-13 11:03:42 -04:00
} ,
2018-08-13 12:05:30 -04:00
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N" ,
"AC" : "H" ,
"AV" : "N" ,
"C" : "L" ,
"I" : "N" ,
"PR" : "N" ,
"S" : "U" ,
"SCORE" : "3.700" ,
"UI" : "N"
} ,
"TM" : {
"E" : "U" ,
"RC" : "C" ,
"RL" : "O"
}
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Obtain Information"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10718377" ,
"refsource" : "CONFIRM" ,
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10718377"
} ,
{
"name" : "ibm-clearquest-cve20162922-spoofing(113353)" ,
"refsource" : "XF" ,
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/113353"
}
]
2017-10-16 12:31:07 -04:00
}
}