|Category:||Information Leak / Disclosure|
Published on 14/04/09 - Updated on 17/08/17
UCM-CQ in IBM Rational ClearCase 7.0.0.x before 18.104.22.168, 7.0.1.x before 22.214.171.124, and 7.1.x before 126.96.36.199 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.
CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.