First published: Thu Nov 04 2021(Updated: )
IBM Business Automation Workflow transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Business Automation Workflow | <=V21.0V20.0V19.0V18.0 | |
IBM Business Process Manager | <=V8.6V8.5 | |
IBM Business Automation Workflow | =18.0.0.0 | |
IBM Business Automation Workflow | =19.0.0.0 | |
IBM Business Automation Workflow | =20.0.0.0 | |
IBM Business Automation Workflow | =21.0.0.0 | |
IBM Business Process Manager | =8.5.0.0 | |
IBM Business Process Manager | =8.6.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-29753.
The severity of CVE-2021-29753 is medium with a severity value of 5.9.
IBM Business Automation Workflow versions 18.0, 19.0, 20.0, 21.0, and IBM Business Process Manager versions 8.5, 8.6 are affected by CVE-2021-29753.
CVE-2021-29753 transmits or stores authentication credentials using an insecure method, making them susceptible to unauthorized interception and/or retrieval.
You can find more information about CVE-2021-29753 on the IBM X-Force Exchange website and the IBM Support page.