CWE-522

IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 171938.

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user’s browser via incorrect autocomplete settings in New Data Server Connection page. IBM X-Force ID: 172129.

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user’s browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130.

IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250.

IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. IBM X-Force ID: 164429.

IBM Watson Studio Local 1.2.3 stores key files in the user’s home directory which could be obtained by another local user. IBM X-Force ID: 161413.