Description

IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.

Remediation

References

CVE-2017-1701

Related Vulnerabilities

phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0788)

WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.7.2.8)

WordPress Plugin Tracking Code Manager Multiple Vulnerabilities (1.11.1)

WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17)

Drupal Core 8.9.x Information Disclosure (8.9.0 - 8.9.5)

Severity

High

Classification

CVE-2017-1701 CWE-326 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities