VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 23, 2014· Updated May 6, 2026

CVE-2014-3103

CVE-2014-3103

Description

The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Affected products

44
  • IBM/Rational Clearcase44 versions
    cpe:2.3:a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:*+ 43 more
    • cpe:2.3:a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.4:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.