CVE-2008-5327 Information

Description

The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7 before 7.1 stores the database password in cleartext in an object in a ClearQuest connection profile or export file which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree.

Reference

http://secunia.com/advisories/32847 http://www-01.ibm.com/support/docview.wss?uid=swg1PK65908 https://exchange.xforce.ibmcloud.com/vulnerabilities/46995