PT-2021-18453 · Ibm · Ibm Business Process Manager+1

Published

2021-11-05

Updated

2021-11-09

CVE-2021-29753

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Business Automation Workflow versions 18 through 21 IBM Business Process Manager versions 8.5 and 8.6

Description The software transmits or stores authentication credentials using an insecure method, making it susceptible to unauthorized interception and/or retrieval.

Recommendations For IBM Business Automation Workflow versions 18 through 21, update to a version that uses a secure method for transmitting or storing authentication credentials. For IBM Business Process Manager versions 8.5 and 8.6, update to a version that uses a secure method for transmitting or storing authentication credentials.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2021-29753

Affected Products

Ibm Business Automation Workflow

Ibm Business Process Manager

PT-2021-18453 · Ibm · Ibm Business Process Manager+1

CVE-2021-29753

Weakness Enumeration

Related Identifiers

Affected Products

References · 5