← Back

Scrumworks

scrumworks

Vendor: Collabnet • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-2603
1Collabnet
1Scrumworks
Apr 29, 2026
Jun 8, 2012
N/A· v4
N/A· v3
6.5 MEDIUM· v2
The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client.
CVE-2011-0410
1Collabnet
1Scrumworks
Apr 29, 2026
Jan 24, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by (1) sniffing the n...Show more
CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by (1) sniffing the network for transmissions of Java objects or (2) reading the database.Show less