CVE-2021-29753

IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:business_automation_workflow:18.0.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:19.0.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:20.0.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:21.0.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.6.0.0:-:*:*:-:*:*:*

History

09 Nov 2021, 14:24

Type Values Removed Values Added
New CVE

Information

Published : 2021-11-05 18:15

Updated : 2024-02-04 22:08


NVD link : CVE-2021-29753

Mitre link : CVE-2021-29753

CVE.ORG link : CVE-2021-29753


JSON object : View

Products Affected

ibm

  • business_automation_workflow
  • business_process_manager
CWE
CWE-319

Cleartext Transmission of Sensitive Information