The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by reading the HTML source code.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2014-02-25T21:00:00

Updated: 2024-08-06T09:27:20.269Z

Reserved: 2014-01-06T00:00:00

Link: CVE-2014-0842

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-02-26T01:29:36.717

Modified: 2024-11-21T02:02:53.760

Link: CVE-2014-0842

cve-icon Redhat

No data.