CVE-2021-38938

Summary

IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 210989.

Affected Software

VendorProductVersion RangeStatus
IBMHost Access Transformation Services9.6 <= 9.6.1.4affected
IBMHost Access Transformation Services9.7 <= 9.7.0.3affected

Weaknesses

  • CWE-522: CWE-522 Insufficiently Protected Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References