Information disclosure in Ibm Rational_clearcase

CVE-2014-3105

The OSLC integration feature in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 provides different error messages for failed login attempts depending on whether the username…

Vulnerability class: Information Disclosure

EPSS: 0.002 (43.1th percentile) — read the EPSS interpretation.

Affected products

Ibm Rational_clearcase — versions 7.1, 7.1.0.1, 7.1.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
ibm-clearquest-cve20143105-enumerate(94312) (vdb-entry, x_refsource_XF)