← Back

CVE-2021-29786

nvd nist
Published: Oct 27, 2021Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.

Affected (17)

Ibm
6 products
Engineering Lifecycle Optimization
Engineering Workflow Management
Rational Collaborative Lifecycle Management
Rational Doors Next Generation
Rational Engineering Lifecycle Manager
Rational Team Concert
Configuration A
17 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Engineering Lifecycle Optimization
Version 7.0.1
Engineering Lifecycle Optimization
Version 7.0.2
Engineering Lifecycle Optimization
Version 7.0
Ibm
Engineering Workflow Management
Version 7.0.1
Engineering Workflow Management
Version 7.0.2
Engineering Workflow Management
Version 7.0
Ibm
Rational Collaborative Lifecycle Management
Version 6.0.6.1
Rational Collaborative Lifecycle Management
Version 6.0.6
Ibm
Rational Doors Next Generation
Version 6.0.6.1
Rational Doors Next Generation
Version 6.0.6
Rational Doors Next Generation
Version 7.0.1
Rational Doors Next Generation
Version 7.0.2
Rational Doors Next Generation
Version 7.0
Rational Engineering Lifecycle Manager
Version 7.0
Ibm
Rational Team Concert
Version 6.0.2
Rational Team Concert
Version 6.0.6.1
Rational Team Concert
Version 6.0.6

Related CWEs

CWE-312
Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.