CVE-2011-0410 Information

Description

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database which makes it easier for context-dependent attackers to obtain sensitive information by (1) sniffing the network for transmissions of Java objects or (2) reading the database.

Reference

http://osvdb.org/70601 http://osvdb.org/70602 http://secunia.com/advisories/43010 http://www.kb.cert.org/vuls/id/547167 https://exchange.xforce.ibmcloud.com/vulnerabilities/64883