High severity7.5NVD Advisory· Published Jun 8, 2021· Updated Jun 17, 2026
CVE-2020-26515
CVE-2020-26515
Description
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted user's credentials. However, due to a bug in the application code, those credentials are encrypted using a NULL encryption key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Intland/codeBeamer ALMdescription
- Range: 10.x through 10.1.SP4
Patches
Vulnerability mechanics
References
2- www.compass-security.com/fileadmin/Research/Advisories/2021-09_CSNC-2020-010-codebeamer_ALM_Insecure-RememberMe.txtnvdExploitThird Party Advisory
- intland.com/codebeamer/application-lifecycle-management/nvdProductVendor Advisory
News mentions
0No linked articles in our index yet.