The host is installed with IBM Rational ClearQuest 7.1.x through 7.1.2.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted user query. Successful exploitation could allow attackers to remote authenticated users to read password hashes.