NVD

Id
35795  
Name
CVE-2014-8925  
Description
Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout or insert XSS sequences.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-03-24  
Modified Date
2015-03-25  
Seq
2014-8925  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
183299 35795 CVE-2014-8925 http://www-01.ibm.com/support/docview.wss?uid=swg21699148  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
19118 JVNDB-2014-007993 IBM Rational ClearQuest の ClearQuest Web におけるクロスサイトリクエストフォージェリの脆弱性 IBM Rational ClearQuest の ClearQuest Web には、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2014-8925 76218 CVE-2014-8925 35795 6.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007993.html 2014-11-14 2015-03-26 View