CVE-2014-3106 Information

Description

IBM Rational ClearQuest 7.1 before 7.1.2.15 8.0.0 before 8.0.0.12 and 8.0.1 before 8.0.1.5 does not properly implement the Local Access Only protection mechanism which allows remote attackers to bypass authentication and read files via the Help Server Administration feature.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21682950 https://exchange.xforce.ibmcloud.com/vulnerabilities/94313