IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive information in log files that could be read by a local user.
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Concert | Ibm | 1.0.0 (including) | 2.2.0 (excluding) |