VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 23, 2014· Updated May 6, 2026

CVE-2014-3105

CVE-2014-3105

Description

The OSLC integration feature in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of requests.

Affected products

44
  • IBM/Rational Clearcase44 versions
    cpe:2.3:a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:*+ 43 more
    • cpe:2.3:a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:7.1.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_clearcase:8.0.1.4:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.