The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x prior to 6.5.2.3 and 6.6.x prior to 6.6.1 places the new user's default password within the creation page, which allows remote malicious users to obtain sensitive information by reading the HTML source code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm rational focal point 6.4.0.1 |
||
ibm rational focal point 6.5.1.1 |
||
ibm rational focal point 6.4 |
||
ibm rational focal point 6.6.0.1 |
||
ibm rational focal point 6.5.0.1 |
||
ibm rational focal point 6.5.0.2 |
||
ibm rational focal point 6.5.2.3 |
||
ibm rational focal point 6.6 |
||
ibm rational focal point 6.4.1.2 |
||
ibm rational focal point 6.5 |
||
ibm rational focal point 6.5.2 |
||
ibm rational focal point 6.5.2.1 |
||
ibm rational focal point 6.5.2.2 |
||
ibm rational focal point 6.4.1.0 |
||
ibm rational focal point 6.4.1.1 |
||
ibm rational focal point 6.4.1.3 |
||
ibm rational focal point 6.5.1 |