Описание
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1287
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41042
- http://secunia.com/advisories/29280
- http://www-1.ibm.com/support/docview.wss?uid=swg1PK55561
- http://www.securityfocus.com/bid/28132
- http://www.securitytracker.com/id?1019566
- http://www.vupen.com/english/advisories/2008/0804/references
EPSS
Процентиль: 66%
0.00503
Низкий
CVE ID
Связанные уязвимости
nvd
почти 18 лет назад
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
EPSS
Процентиль: 66%
0.00503
Низкий