CVE-2008-5328 Information

Description

The ClearQuest Maintenance Tool in IBM Rational ClearQuest before 7 stores the database password in cleartext in an object in a ClearQuest connection profile or export file which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree during an import process.

Reference

http://secunia.com/advisories/32847 http://www-01.ibm.com/support/docview.wss?uid=swg1PK65908 https://exchange.xforce.ibmcloud.com/vulnerabilities/46995