Blackboard Inc. Information for VU#204055

Blackboard Transact database credentials disclosure

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor recommends users upgrade to Blackboard Transact Suite 3.6 Patch 2 (version 3.6.0.2) to address the vulnerability in the BbtsConnection_Edit.exe utility.

The vendor recommends users upgrade to Blackboard Transact Suite 3.6 Patch 4 (version 3.6.0.4) to address the issue of database username and password in clear text inside of multiple script and batch (.bat) files that are used for automated backups.

Vendor References

None

Addendum

If you have feedback, comments, or additional information about this vulnerability, please send us email.