Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted user's credentials. However, due to a bug in the application code, those credentials are encrypted using a NULL encryption key.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Intland codeBeamer ALM 安全漏洞
Vulnerability Description
Intland Software codeBeamer ALM是德国Intland Software公司的一套应用程序生命周期管理平台。该平台支持应用程序生命周期管理、需求管理、风险管理和软件开发等功能。 Intland codeBeamer ALM 10中存在安全漏洞,该漏洞源于应用程序发出的remember-me cookie (CB LOGIN)包含加密的用户凭据。但是,由于应用程序代码中的一个bug,这些凭据使用NULL加密密钥进行加密。
CVSS Information
N/A
Vulnerability Type
N/A