The host is installed with IBM Rational ClearQuest 7.1.x through 7.1.2.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an invalid parameter. Successful exploitation could allow remote authenticated users to obtain sensitive stack-trace information from CM server error messages.