CVE-2021-39046
CVE-2021-39046
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.9EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
18 Mar 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.
CVSS:3.0/I:N/PR:H/AC:L/S:U/AV:N/A:N/UI:N/C:H/E:U/RL:O/RC:C