CVE-2021-29753

Summary

IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

VendorProductVersion RangeStatus
IBMBusiness Process Manager8.5affected
IBMBusiness Process Manager8.6affected
IBMBusiness Automation Workflow18.0affected
IBMBusiness Automation Workflow19.0affected
IBMBusiness Automation Workflow20.0affected
IBMBusiness Automation Workflow21.0affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References