Notified:  December 20, 2010 Updated: January 17, 2011

Status

Affected

Vendor Statement

CollabNet has stated to CERT that the client passwords are encrypted in CollabNet ScrumWorks Pro, and there are no plans for adding an encryption feature into CollabNet ScrumWorks Basic.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.