CVE-2009-4357

N/A Unknown
Published: December 18, 2009 Modified: April 23, 2026
View on NVD

Description

CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/37811
Source: cve@mitre.org
Vendor Advisory
http://securitytracker.com/id?1023370
Source: cve@mitre.org
http://www-01.ibm.com/support/docview.wss?uid=swg1PK86377
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/37385
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/3580
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/37811
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1023370
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg1PK86377
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/37385
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/3580
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.3%
57th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

ibm

Related CVEs

CVE-2026-7041 3.7
CVE-2026-7039 7.8
CVE-2026-7038 3.3
CVE-2026-7037 9.8
CVE-2026-7036 7.3