Ibm

Business Automation Workflow

48 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-1495

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 03.05.2025 16:53:00
  • Zuletzt bearbeitet 14.08.2025 01:52:35

IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation.

5.4

CVE-2024-54179

  • EPSS 0.03%
  • Veröffentlicht 03.03.2025 14:15:33
  • Zuletzt bearbeitet 18.08.2025 18:21:11

IBM Business Automation Workflow and IBM Business Automation Workflow Enterprise Service Bus 24.0.0, 24.0.1 and earlier unsupported versions are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary Ja...

4.9

CVE-2024-43188

  • EPSS 0.09%
  • Veröffentlicht 18.09.2024 12:15:02
  • Zuletzt bearbeitet 29.09.2024 00:24:49

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.

6.5

CVE-2024-38321

  • EPSS 0.07%
  • Veröffentlicht 03.08.2024 14:15:48
  • Zuletzt bearbeitet 06.09.2024 14:50:53

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.

5.4

CVE-2023-50947

  • EPSS 0.11%
  • Veröffentlicht 04.02.2024 01:15:25
  • Zuletzt bearbeitet 21.11.2024 08:37:35

IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

5.4

CVE-2023-24957

  • EPSS 0.09%
  • Veröffentlicht 06.05.2023 03:15:09
  • Zuletzt bearbeitet 29.01.2025 16:15:39

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript c...

7.5

CVE-2022-43864

  • EPSS 0.07%
  • Veröffentlicht 26.01.2023 21:17:48
  • Zuletzt bearbeitet 21.11.2024 07:27:17

IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Fo...

8.8

CVE-2022-42435

  • EPSS 0.05%
  • Veröffentlicht 04.01.2023 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:24:57

IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthoriz...

6.1

CVE-2022-41735

  • EPSS 0.12%
  • Veröffentlicht 07.12.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:23:45

IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 through 20.0.0.2 19.0.0.1 through 19.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

5.4

CVE-2022-38390

  • EPSS 0.1%
  • Veröffentlicht 17.11.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:16:22

Multiple IBM Business Automation Workflow versions are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials di...