Lucene search

[email protected]NVD:CVE-2008-1287

HistoryMar 11, 2008 - 5:44 p.m.

CVE-2008-1287

2008-03-1117:44:00

CWE-16

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.

Affected configurations

NVD

Node

ibmrational_clearquestMatch7.0.0.2

ibmrational_clearquestMatch7.0.1.1

References

secunia.com/advisories/29280

www-1.ibm.com/support/docview.wss?uid=swg1PK55561

www.securityfocus.com/bid/28132

www.securitytracker.com/id?1019566

www.vupen.com/english/advisories/2008/0804/references

exchange.xforce.ibmcloud.com/vulnerabilities/41042

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

Related for NVD:CVE-2008-1287

cvelist1 prion1 cve1