Check Point Advisories

Update Protection against IBM Rational Quality Manager and Test Lab Manager Policy Bypass

Check Point Reference: CPAI-2011-106
Date Published: 15 Feb 2011
Severity: Critical
Last Updated: Saturday 01 January, 2011
Source: SecurityFocus
Protection Provided by:
Who is Vulnerable? IBM Rational Quality Manager and Test Lab Manager 7.9.0.3 and prior versions
Vulnerability Description: IBM Rational Quality Manager and Test Lab Manager are application testing suites. Both are exposed to a remote code execution issue that affects the Tomcat server built into the affected applications. An attacker can exploit this issue to execute arbitrary code within the context of the Tomcat web server.
Update/Patch Available: The vendor, IBM, has addressed this issue.
Vulnerability Details: The flaw exists within the installation of the bundled Tomcat server. The default ADMIN account is improperly disabled within 'tomcat-users.xml'. An account providing manager role level access is left enabled with a default password.
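
A defender-side check for the condition described under Vulnerability Details, as an added example that is not part of this advisory or of IBM's fix: it parses a tomcat-users.xml and reports the active accounts that hold manager or admin roles. The sample file, account names and weak-password list are constructed placeholders, since the advisory does not name the default account or its password.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not the file shipped with the product; all names and passwords are placeholders.
SAMPLE = """<tomcat-users>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <!-- <user username="ADMIN" password="example-admin-pw" roles="admin,manager"/> -->
  <user username="svc-example" password="example-default-pw" roles="manager"/>
  <user username="viewer" password="Xq7-long-unique-value" roles="reports"/>
</tomcat-users>
"""

# Prefix match also covers the split roles of later Tomcat releases (manager-gui, admin-script, ...).
PRIVILEGED_PREFIXES = ("manager", "admin")
# Assumption: the auditor supplies the passwords known to be vendor defaults or otherwise weak.
KNOWN_WEAK = {"", "example-default-pw", "example-admin-pw"}


def local_name(tag):
    """Strip an XML namespace, which newer tomcat-users.xml files declare on the root."""
    return tag.rsplit("}", 1)[-1]


def audit_tomcat_users(xml_text, weak_passwords=KNOWN_WEAK):
    """Return one finding per active account that holds a manager/admin role."""
    findings = []
    # The parser drops XML comments, so entries disabled by commenting out are not reported.
    root = ET.fromstring(xml_text)
    for el in root.iter():
        if local_name(el.tag) != "user":
            continue
        # Older files use name=, newer ones username=.
        name = el.get("username") or el.get("name") or ""
        roles = [r.strip() for r in el.get("roles", "").split(",") if r.strip()]
        privileged = [r for r in roles if r.lower().startswith(PRIVILEGED_PREFIXES)]
        if privileged:
            findings.append({
                "user": name,
                "roles": privileged,
                "weak_password": el.get("password", "") in weak_passwords,
            })
    return findings


if __name__ == "__main__":
    for f in audit_tomcat_users(SAMPLE):
        print(f)
```

Any finding with `weak_password` set to true is an enabled manager-level account of the kind this advisory describes and should be removed or given a unique credential.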

Protection Overview
