5
CVE-2008-1287
- EPSS 1.44%
- Veröffentlicht 11.03.2008 17:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Rational Clearquest Version7.0.0.2
Ibm ≫ Rational Clearquest Version7.0.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.44% | 0.698 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/29280
http://www-1.ibm.com/support/docview.wss?uid=swg1PK55561
http://www.securityfocus.com/bid/28132
http://www.securitytracker.com/id?1019566
http://www.vupen.com/english/advisories/2008/0804/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41042