CVE-2021-29701

IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. IBM X-Force ID: 200657.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/S:U/AV:N/A:N/PR:L/I:N/UI:N/AC:L/C:L/RL:O/E:U/RC:C
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
ibmengineering_workflow_management
7.0
ibmengineering_workflow_management
7.0.1
ibmengineering_workflow_management
7.0.2
ibmrational_team_concert
6.0.6
ibmrational_team_concert
6.0.6.1
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/200657
https://www.ibm.com/support/pages/node/6539546
https://exchange.xforce.ibmcloud.com/vulnerabilities/200657
https://www.ibm.com/support/pages/node/6539546