CVE-2014-0842

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Focal Point
Vendor: CVE Published:; 26 February 2014

Summary

The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21665005

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/90706

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 26, 2014
Vulnerability Reserved
Jan 6, 2014