CVE-2021-39046

Summary

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.

Affected Software

VendorProductVersion RangeStatus
IBMBusiness Automation Workflow18.0.0.0affected
IBMBusiness Automation Workflow18.0.0.1affected
IBMBusiness Automation Workflow18.0.0.2affected
IBMBusiness Automation Workflow19.0.0.1affected
IBMBusiness Automation Workflow19.0.0.2affected
IBMBusiness Automation Workflow19.0.0.3affected
IBMBusiness Automation Workflow20.0.0.1affected
IBMBusiness Automation Workflow20.0.0.2affected
IBMBusiness Automation Workflow21.0.2affected
IBMBusiness Automation Workflow21.0.3affected
IBMBusiness Process Manager8.5affected
IBMBusiness Process Manager8.6affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References