CVE-2014-6134

Name of the Vulnerable Software and Affected Versions IBM Rational ClearCase versions 8.0.0 through 8.0.0.13 IBM Rational ClearCase versions 8.0.1 through 8.0.1.6

Description The issue allows local users to potentially obtain sensitive information by accessing the installation account, due to the retention of cleartext server passwords in process memory during the installation procedure when using Installation Manager before version 1.8.2.

Recommendations For IBM Rational ClearCase versions 8.0.0 through 8.0.0.13, update to version 8.0.0.14 or later. For IBM Rational ClearCase versions 8.0.1 through 8.0.1.6, update to version 8.0.1.7 or later. As a temporary workaround, consider restricting access to the installation account to minimize the risk of exploitation.