This technote identifies a potential security vulnerability in IBM® Rational® ClearQuest® (CQ) where a malicious user could potentially cause data corruption.
A potential security vulnerability in IBM Rational ClearQuest exists, where a malicious user could potentially cause data corruption. This issue only affects Microsoft® SQL Server and IBM DB2® based ClearQuest databases. Oracle databases are not subject to harm from such an attack.
Resolving the problem
This issue was a reported defect, APAR PK48485, and was resolved in:
- 126.96.36.199 - FixPack 188.8.131.52 for the 184.108.40.206 release of ClearQuest,
- 7.0.1 - FixPack 220.127.116.11 for the 7.0.1 release of ClearQuest.
- 2003.06.16 - For the 2003.06.16 release of ClearQuest, the defect is resolved in Patch 2007D for the Microsoft® Windows® platforms and 2003.06.00 patch 20 for the Linux® and UNIX® platforms.