Clear Text Storage of User Credentials in IBM Business Automation Workflow and IBM Business Process Manager

Clear Text Storage of User Credentials in IBM Business Automation Workflow and IBM Business Process Manager

CVE-2021-39046 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.

Learn more about our User Device Pen Test.