Unrated severityNVD Advisory· Published Dec 18, 2009· Updated Jun 16, 2026
CVE-2009-4357
CVE-2009-4357
Description
CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25cpe:2.3:a:ibm:rational_clearcase:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:ibm:rational_clearcase:*:*:*:*:*:*:*:*range: <=7.1
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:2007:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:ibm:rational_clearquest:2007:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:2008:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:5.00:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:5.20:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.00:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:6.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.2:*:*:*:*:*:*:*
- (no CPE)range: <7.1.1
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/37811nvdVendor Advisory
- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- www.vupen.com/english/advisories/2009/3580nvdVendor Advisory
- securitytracker.com/idnvd
- www.securityfocus.com/bid/37385nvd
News mentions
0No linked articles in our index yet.