CVE-2021-29701

EUVD-2021-16175
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. IBM X-Force ID: 200657.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/S:U/AV:N/A:N/PR:L/I:N/UI:N/AC:L/C:L/RL:O/E:U/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
ibmengineering_workflow_management
7.0
ibmengineering_workflow_management
7.0.1
ibmengineering_workflow_management
7.0.2
ibmrational_team_concert
6.0.6
ibmrational_team_concert
6.0.6.1
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/200657
https://www.ibm.com/support/pages/node/6539546
https://exchange.xforce.ibmcloud.com/vulnerabilities/200657
https://www.ibm.com/support/pages/node/6539546