CVE-2021-29786

🗓️ 27 Oct 2021 16:00:29Reported by ibmType

IBM Jazz Team Server stores user credentials in clear text, accessible to authenticated user

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect Engineering Lifecycle Management and IBM Engineering products.	25 Oct 202120:01	–	ibm
Circl	CVE-2021-29786	27 Oct 202120:16	–	circl
CNNVD	IBM Jazz Team Server 安全漏洞	27 Oct 202100:00	–	cnnvd
CNVD	IBM Jazz Team Server Information Disclosure Vulnerability (CNVD-2021-84583)	31 Oct 202100:00	–	cnvd
CVE	CVE-2021-29786	27 Oct 202116:00	–	cve
EUVD	EUVD-2021-16260	7 Oct 202500:30	–	euvd
NVD	CVE-2021-29786	27 Oct 202116:15	–	nvd
OSV	CVE-2021-29786	27 Oct 202116:15	–	osv
Prion	Design/Logic Flaw	27 Oct 202116:15	–	prion

[
  {
    "product": "Engineering Lifecycle Optimization",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Rational Collaborative Lifecycle Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  },
  {
    "product": "Rational Team Concert",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  },
  {
    "product": "Rational DOORS Next Generation",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      },
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Rational Engineering Lifecycle Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Engineering Workflow Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/203172
ibm	www.ibm.com/support/pages/node/6508583

27 Oct 2021 16:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 36.5

EPSS0.00087