IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.
Weakness
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Engineering_lifecycle_optimization | Ibm | 7.0 (including) | 7.0 (including) |
| Engineering_lifecycle_optimization | Ibm | 7.0.1 (including) | 7.0.1 (including) |
| Engineering_lifecycle_optimization | Ibm | 7.0.2 (including) | 7.0.2 (including) |
| Engineering_workflow_management | Ibm | 7.0 (including) | 7.0 (including) |
| Engineering_workflow_management | Ibm | 7.0.1 (including) | 7.0.1 (including) |
| Engineering_workflow_management | Ibm | 7.0.2 (including) | 7.0.2 (including) |
| Rational_collaborative_lifecycle_management | Ibm | 6.0.6 (including) | 6.0.6 (including) |
| Rational_collaborative_lifecycle_management | Ibm | 6.0.6.1 (including) | 6.0.6.1 (including) |
| Rational_doors_next_generation | Ibm | 6.0.6 (including) | 6.0.6 (including) |
| Rational_doors_next_generation | Ibm | 6.0.6.1 (including) | 6.0.6.1 (including) |
| Rational_doors_next_generation | Ibm | 7.0 (including) | 7.0 (including) |
| Rational_doors_next_generation | Ibm | 7.0.1 (including) | 7.0.1 (including) |
| Rational_doors_next_generation | Ibm | 7.0.2 (including) | 7.0.2 (including) |
| Rational_engineering_lifecycle_manager | Ibm | 7.0 (including) | 7.0 (including) |
| Rational_team_concert | Ibm | 6.0.2 (including) | 6.0.2 (including) |
| Rational_team_concert | Ibm | 6.0.6 (including) | 6.0.6 (including) |
| Rational_team_concert | Ibm | 6.0.6.1 (including) | 6.0.6.1 (including) |