Vulnerability Details CVE-2004-1697
The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=109579952809320&w=2
- http://secunia.com/advisories/12620
- http://www.securityfocus.com/bid/11229
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17464
- http://marc.info/?l=bugtraq&m=109579952809320&w=2
- http://secunia.com/advisories/12620
- http://www.securityfocus.com/bid/11229
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17464
Products affected by CVE-2004-1697
-
cpe:2.3:a:ca:unicenter_management:portal_2.0
-
cpe:2.3:a:ca:unicenter_management:portal_3.1