forked from CVEProject/cvelist
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathCVE-2021-39046.json
130 lines (130 loc) · 4.67 KB
/
CVE-2021-39046.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
{
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"PR": "H",
"AC": "L",
"SCORE": "4.900",
"S": "U",
"AV": "N",
"A": "N",
"UI": "N",
"C": "H"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "18.0.0.0"
},
{
"version_value": "18.0.0.1"
},
{
"version_value": "18.0.0.2"
},
{
"version_value": "19.0.0.1"
},
{
"version_value": "19.0.0.2"
},
{
"version_value": "19.0.0.3"
},
{
"version_value": "20.0.0.1"
},
{
"version_value": "20.0.0.2"
},
{
"version_value": "21.0.2"
},
{
"version_value": "21.0.3"
}
]
},
"product_name": "Business Automation Workflow"
},
{
"version": {
"version_data": [
{
"version_value": "8.5"
},
{
"version_value": "8.6"
}
]
},
"product_name": "Business Process Manager"
}
]
}
}
]
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-03-17T00:00:00",
"ID": "CVE-2021-39046"
},
"description": {
"description_data": [
{
"value": "IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6564387 (Business Automation Workflow)",
"name": "https://www.ibm.com/support/pages/node/6564387",
"url": "https://www.ibm.com/support/pages/node/6564387",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214346",
"title": "X-Force Vulnerability Report",
"name": "ibm-baw-cve202139046-info-disc (214346)"
}
]
},
"data_type": "CVE"
}