Information Disclosure: Password Hashes Exposed in IBM Rational ClearQuest

Information Disclosure: Password Hashes Exposed in IBM Rational ClearQuest

CVE-2012-2165 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, when ClearQuest Authentication is enabled, allows remote authenticated users to read password hashes via a user query.

Learn more about our User Device Pen Test.