cvedb.io
CVE-2015-5039
HIGH · CVSS 7.4
EPSS exploitation probability: 0%
Published 2018-03-26T18:29:00.440 · Last modified 2026-06-17T00:28:20.933

Summary

The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 8.0.0.18, and 8.0.1.x before 8.0.1.11 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate. IBM X-Force ID: 106715.

Affected products

ibm — rational_clearcase

Does this affect you?

Add your gear to cvedb and we'll alert you only when ibm ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.