CollabNet Information for VU#547167

CollabNet ScrumWorks Basic Server transmits credential information in plaintext



Vendor Statement

CollabNet has stated to CERT that the client passwords are encrypted in CollabNet ScrumWorks Pro, and there are no plans for adding an encryption feature into CollabNet ScrumWorks Basic.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.