First published: Tue Mar 11 2008(Updated: )
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Rational ClearQuest | =7.0.1.1 | |
IBM Rational ClearQuest | =7.0.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.