Ibm

Cloud Pak For Business Automation

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-35899

  • EPSS 0.09%
  • Veröffentlicht 21.03.2024 02:47:58
  • Zuletzt bearbeitet 05.03.2025 18:24:35

IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the syst...

6.5

CVE-2023-38367

  • EPSS 0.06%
  • Veröffentlicht 29.02.2024 02:15:09
  • Zuletzt bearbeitet 27.03.2025 15:15:46

IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2) allows CRUD Operations with an invalid t...

5.4

CVE-2023-50947

  • EPSS 0.11%
  • Veröffentlicht 04.02.2024 01:15:25
  • Zuletzt bearbeitet 21.11.2024 08:37:35

IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

4.9

CVE-2023-40691

  • EPSS 0.05%
  • Veröffentlicht 18.12.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:19:58

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 may reveal sensitive information contained in application configuration to developer and administ...

7.6

CVE-2023-35024

  • EPSS 0.06%
  • Veröffentlicht 14.10.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:07:50

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScr...

6.1

CVE-2023-32339

  • EPSS 0.15%
  • Veröffentlicht 27.06.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 08:03:08

IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

5.4

CVE-2023-22860

  • EPSS 0.09%
  • Veröffentlicht 27.02.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:45:32

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary ...

3.3

CVE-2023-23469

  • EPSS 0.03%
  • Veröffentlicht 01.02.2023 19:15:08
  • Zuletzt bearbeitet 26.03.2025 15:15:46

IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-...

6.8

CVE-2021-29859

  • EPSS 0.05%
  • Veröffentlicht 02.05.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:55

IBM ICP4A - User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unau...