CERT VU:547167
Jan 21, 2011

CollabNet ScrumWorks Basic Server transmits credential information in plaintext

www.kb.cert.org

CVSS2: 5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.002 Low (percentile 58.5%)

Overview

Communication between the CollabNet ScrumWorks Basic Server and the CollabNet ScrumWorks Desktop Client transmits credential information in plaintext.

Description

The communication between the CollabNet ScrumWorks Basic Server and the CollabNet ScrumWorks Desktop Client transmits credential information in plaintext. The server and the desktop client exchange unencrypted Java objects, and these objects contain the username and password of the active user or, when specific functions are called, of all users on the CollabNet ScrumWorks Basic Server.
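The following is an added example, not code from CERT or CollabNet, that shows what "unencrypted Java objects" on the wire means in practice from a detection standpoint: it walks a constructed Java serialization stream, recovers the length-prefixed strings, and pairs field names with String values so a network sensor can flag a flow that carries credential-like fields in the clear. The `Login` class, its two fields, the serialVersionUID and the values are assumptions built for this example; the actual ScrumWorks object layout is not documented on this page.

```python
import struct

JAVA_STREAM_MAGIC = b"\xac\xed\x00\x05"  # STREAM_MAGIC + STREAM_VERSION
TC_STRING = 0x74                          # tag that precedes a String value
CREDENTIAL_HINTS = ("password", "passwd", "pwd", "secret")

def extract_utf_strings(payload, min_len=2, max_len=255):
    """Return (offset, text, tagged) for every 2-byte-length-prefixed ASCII run.
    String values, class names and field names are all written that way; `tagged`
    is True when the run follows TC_STRING, i.e. it is a value, not a name."""
    found, i = [], 0
    while i + 2 <= len(payload):
        n = struct.unpack(">H", payload[i:i + 2])[0]
        chunk = payload[i + 2:i + 2 + n]
        if min_len <= n <= max_len and len(chunk) == n and all(0x20 <= b < 0x7F for b in chunk):
            found.append((i, chunk.decode("ascii"), i > 0 and payload[i - 1] == TC_STRING))
            i += 2 + n                 # skip the run so its bytes are not re-scanned
        else:
            i += 1
    return found

def plaintext_credentials(payload):
    """Map field names to String values. Assumes an all-String class: values follow
    the class descriptor in field order, and runs[0] is the class name."""
    if not payload.startswith(JAVA_STREAM_MAGIC):
        return {}
    runs = extract_utf_strings(payload)
    names = [t for _, t, tagged in runs[1:] if not tagged]
    values = [t for _, t, tagged in runs if tagged and not t.startswith("L")]  # drop "Ljava/...;"
    return dict(zip(names, values))

def leaks_credentials(payload):
    """Detection rule: True when the stream carries a credential-like field name."""
    return any(h in n.lower() for n in plaintext_credentials(payload) for h in CREDENTIAL_HINTS)

def _utf(s):
    return struct.pack(">H", len(s)) + s.encode("ascii")

# Constructed sample: a serialized `Login {String password; String username}` object laid
# out per the Java Object Serialization spec; class name, UID and values are made up.
SAMPLE_LOGIN = (
    JAVA_STREAM_MAGIC + b"\x73\x72" + _utf("Login")       # TC_OBJECT, TC_CLASSDESC, class name
    + b"\x12\x34\x56\x78\x9a\xbc\xde\xf1\x02\x00\x02"     # serialVersionUID, SC_SERIALIZABLE, 2 fields
    + b"L" + _utf("password") + b"\x74" + _utf("Ljava/lang/String;")
    + b"L" + _utf("username") + b"\x71\x00\x7e\x00\x01"  # TC_REFERENCE to the type string above
    + b"\x78\x70"                                         # TC_ENDBLOCKDATA, TC_NULL superclass
    + b"\x74" + _utf("hunter2") + b"\x74" + _utf("alice")  # values, same order as the fields
)
```

The scanner is a heuristic: it skips non-ASCII, single-character and very long strings, and the name/value pairing only holds for classes whose fields are all Strings; a sensor rule built on it should be treated as a trigger for inspection, not as proof.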

An additional vulnerability exists in CollabNet ScrumWorks: the ScrumWorks Basic Server stores client usernames and passwords unencrypted in its internal database.


Impact

An attacker using a packet capture tool could view the credentials of the active client, or the usernames and password hashes of all authenticated clients.


Solution

CollabNet has stated to CERT that the client passwords are encrypted in CollabNet ScrumWorks Pro, and there are no plans for adding an encryption feature into CollabNet ScrumWorks Basic. CollabNet ScrumWorks Basic should not be used for sensitive data.


Restrict access

Restrict network access to the CollabNet ScrumWorks server and to other devices that use cleartext protocols such as HTTP.


Vendor Information


CollabNet: Affected

Notified: December 20, 2010. Updated: January 17, 2011

Status: Affected

Vendor Statement

CollabNet has stated to CERT that the client passwords are encrypted in CollabNet ScrumWorks Pro, and there are no plans for adding an encryption feature into CollabNet ScrumWorks Basic.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.



Acknowledgements

Thanks to David Elze from Daimler TSS Technical Security for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2011-0410
Severity Metric: 14.40 Date Public:
