Lucene search

[email protected]NVD:CVE-2014-0842

HistoryFeb 26, 2014 - 1:29 a.m.

CVE-2014-0842

2014-02-2601:29:36

CWE-255

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.0%

JSON

The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user’s default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code.

Affected configurations

NVD

Node

ibmrational_focal_pointMatch6.4

ibmrational_focal_pointMatch6.4.0.1

ibmrational_focal_pointMatch6.4.1.0

ibmrational_focal_pointMatch6.4.1.1

ibmrational_focal_pointMatch6.4.1.2

ibmrational_focal_pointMatch6.4.1.3

ibmrational_focal_pointMatch6.5

ibmrational_focal_pointMatch6.5.0.1

ibmrational_focal_pointMatch6.5.0.2

ibmrational_focal_pointMatch6.5.1

ibmrational_focal_pointMatch6.5.1.1

ibmrational_focal_pointMatch6.5.2

ibmrational_focal_pointMatch6.5.2.1

ibmrational_focal_pointMatch6.5.2.2

ibmrational_focal_pointMatch6.5.2.3

ibmrational_focal_pointMatch6.6

ibmrational_focal_pointMatch6.6.0.1

References

www-01.ibm.com/support/docview.wss?uid=swg21665005

exchange.xforce.ibmcloud.com/vulnerabilities/90706

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for NVD:CVE-2014-0842

cve1 cvelist1 prion1 seebug1