IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
CPE | Name | Operator | Version |
---|---|---|---|
rational_clearquest | eq | 7.0.1.1 | |
rational_clearquest | eq | 7.0.0.2 |