4.3

CVE-2021-29751

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmBusiness Automation Workflow Version18.0.0.0
IbmBusiness Automation Workflow Version19.0.0.0
IbmBusiness Automation Workflow Version20.0.0.0
IbmBusiness Process Manager Version8.5.0.0
IbmBusiness Process Manager Version8.6.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.85% 0.533
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:P/I:N/A:N
psirt@us.ibm.com 3.1 1.6 1.4
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://exchange.xforce.ibmcloud.com/vulnerabilities/201779
Vendor Advisory
VDB Entry
https://www.ibm.com/support/pages/node/6465127
Patch
Vendor Advisory
https://www.ibm.com/support/pages/node/6467055
Patch
Vendor Advisory