Fixes are available
Rational ClearQuest Fix Pack 14 (7.1.2.14) for 7.1.2
Rational ClearQuest Fix Pack 15 (7.1.2.15) for 7.1.2
Rational ClearQuest Fix Pack 16 (7.1.2.16) for 7.1.2
Rational ClearQuest Fix Pack 17 (7.1.2.17) for 7.1.2
Rational ClearQuest Fix Pack 18 (7.1.2.18) for 7.1.2
Rational ClearQuest Fix Pack 19 (7.1.2.19) for 7.1.2
APAR status
Closed as program error.
Error description
CQ Vulnerability: cookies can be shown when browsing to a Dojo file. This is a Dojo Toolkit vulnerability, also known as: 'ope n direct'.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: * **************************************************************** The ClearQuest 7.1.1.x Web client has a vulnerability issue related to cookies.
Problem conclusion
A fix is available in ClearQuest 7.1.1.4 and 7.1.2.1.
Temporary fix
Comments
APAR Information
APAR number
PM15146
Reported component name
CLEARQUEST WIN
Reported component ID
5724G3600
Reported release
710
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-05-24
Closed date
2010-12-10
Last modified date
2010-12-10
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
CLEARQUEST WIN
Fixed component ID
5724G3600
Applicable component levels
R710 PSN
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSSH5A","label":"Rational ClearQuest"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
10 December 2010