CVE-2014-0842

2014-02-2601:29:36

CWE-255

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.003

Percentile

69.0%

JSON

The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user’s default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code.

Affected configurations

Nvd

Node

ibmrational_focal_pointMatch6.4

ibmrational_focal_pointMatch6.4.0.1

ibmrational_focal_pointMatch6.4.1.0

ibmrational_focal_pointMatch6.4.1.1

ibmrational_focal_pointMatch6.4.1.2

ibmrational_focal_pointMatch6.4.1.3

ibmrational_focal_pointMatch6.5

ibmrational_focal_pointMatch6.5.0.1

ibmrational_focal_pointMatch6.5.0.2

ibmrational_focal_pointMatch6.5.1

ibmrational_focal_pointMatch6.5.1.1

ibmrational_focal_pointMatch6.5.2

ibmrational_focal_pointMatch6.5.2.1

ibmrational_focal_pointMatch6.5.2.2

ibmrational_focal_pointMatch6.5.2.3

ibmrational_focal_pointMatch6.6

ibmrational_focal_pointMatch6.6.0.1

VendorProductVersionCPE
ibmrational_focal_point6.4cpe:2.3:a:ibm:rational_focal_point:6.4:*:*:*:*:*:*:*
ibmrational_focal_point6.4.0.1cpe:2.3:a:ibm:rational_focal_point:6.4.0.1:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.0cpe:2.3:a:ibm:rational_focal_point:6.4.1.0:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.1cpe:2.3:a:ibm:rational_focal_point:6.4.1.1:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.2cpe:2.3:a:ibm:rational_focal_point:6.4.1.2:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.3cpe:2.3:a:ibm:rational_focal_point:6.4.1.3:*:*:*:*:*:*:*
ibmrational_focal_point6.5cpe:2.3:a:ibm:rational_focal_point:6.5:*:*:*:*:*:*:*
ibmrational_focal_point6.5.0.1cpe:2.3:a:ibm:rational_focal_point:6.5.0.1:*:*:*:*:*:*:*
ibmrational_focal_point6.5.0.2cpe:2.3:a:ibm:rational_focal_point:6.5.0.2:*:*:*:*:*:*:*
ibmrational_focal_point6.5.1cpe:2.3:a:ibm:rational_focal_point:6.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_focal_point	6.4	cpe:2.3:a:ibm:rational_focal_point:6.4:::::::*
ibm	rational_focal_point	6.4.0.1	cpe:2.3:a:ibm:rational_focal_point:6.4.0.1:::::::*
ibm	rational_focal_point	6.4.1.0	cpe:2.3:a:ibm:rational_focal_point:6.4.1.0:::::::*
ibm	rational_focal_point	6.4.1.1	cpe:2.3:a:ibm:rational_focal_point:6.4.1.1:::::::*
ibm	rational_focal_point	6.4.1.2	cpe:2.3:a:ibm:rational_focal_point:6.4.1.2:::::::*
ibm	rational_focal_point	6.4.1.3	cpe:2.3:a:ibm:rational_focal_point:6.4.1.3:::::::*
ibm	rational_focal_point	6.5	cpe:2.3:a:ibm:rational_focal_point:6.5:::::::*
ibm	rational_focal_point	6.5.0.1	cpe:2.3:a:ibm:rational_focal_point:6.5.0.1:::::::*
ibm	rational_focal_point	6.5.0.2	cpe:2.3:a:ibm:rational_focal_point:6.5.0.2:::::::*
ibm	rational_focal_point	6.5.1	cpe:2.3:a:ibm:rational_focal_point:6.5.1:::::::*