Vulnerability Details CVE-2014-0842
The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.2%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-0842
-
cpe:2.3:a:ibm:rational_focal_point:6.4
-
cpe:2.3:a:ibm:rational_focal_point:6.4.0.1
-
cpe:2.3:a:ibm:rational_focal_point:6.4.1.0
-
cpe:2.3:a:ibm:rational_focal_point:6.4.1.1
-
cpe:2.3:a:ibm:rational_focal_point:6.4.1.2
-
cpe:2.3:a:ibm:rational_focal_point:6.4.1.3
-
cpe:2.3:a:ibm:rational_focal_point:6.5
-
cpe:2.3:a:ibm:rational_focal_point:6.5.0.1
-
cpe:2.3:a:ibm:rational_focal_point:6.5.0.2
-
cpe:2.3:a:ibm:rational_focal_point:6.5.1
-
cpe:2.3:a:ibm:rational_focal_point:6.5.1.1
-
cpe:2.3:a:ibm:rational_focal_point:6.5.2
-
cpe:2.3:a:ibm:rational_focal_point:6.5.2.1
-
cpe:2.3:a:ibm:rational_focal_point:6.5.2.2
-
cpe:2.3:a:ibm:rational_focal_point:6.5.2.3
-
cpe:2.3:a:ibm:rational_focal_point:6.6
-
cpe:2.3:a:ibm:rational_focal_point:6.6.0.1