Ibm

Business Process Manager

88 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-22361

  • EPSS 0.08%
  • Published 31.05.2022 16:15:07
  • Last modified 21.11.2024 06:46:42

IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business...

4.9

CVE-2021-39046

  • EPSS 0.15%
  • Published 18.03.2022 16:15:08
  • Last modified 21.11.2024 06:18:29

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.

6.5

CVE-2021-38900

  • EPSS 0.25%
  • Published 21.12.2021 19:15:07
  • Last modified 21.11.2024 06:18:10

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. IBM X-Force ID: 209607.

5.4

CVE-2021-38893

  • EPSS 0.29%
  • Published 21.12.2021 19:15:07
  • Last modified 21.11.2024 06:18:09

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the ...

5.4

CVE-2021-38883

  • EPSS 0.22%
  • Published 17.12.2021 17:15:13
  • Last modified 21.11.2024 06:18:08

IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende...

5.9

CVE-2021-29753

  • EPSS 0.07%
  • Published 05.11.2021 18:15:09
  • Last modified 21.11.2024 06:01:44

IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

5.4

CVE-2021-29834

  • EPSS 0.11%
  • Published 29.09.2021 16:15:07
  • Last modified 21.11.2024 06:01:53

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored cross-site scripting. This vulnerability allows users to ...

4.3

CVE-2021-29751

  • EPSS 0.23%
  • Published 28.06.2021 16:15:08
  • Last modified 21.11.2024 06:01:44

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.

5.5

CVE-2020-4794

  • EPSS 0.13%
  • Published 21.12.2020 18:15:16
  • Last modified 21.11.2024 05:33:16

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due t...

5.3

CVE-2020-4531

  • EPSS 0.12%
  • Published 25.09.2020 17:15:13
  • Last modified 21.11.2024 05:32:51

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informatio...