Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Business_process_manager_enterprise_service_bus
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-04-08 | CVE-2018-1885 | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. IBM X-Force ID: 152020. | Business_automation_workflow, Business_process_manager, Business_process_manager_enterprise_service_bus, Websphere_enterprise_service_bus | 5.3 | ||
| 2018-03-30 | CVE-2018-1384 | IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138135. | Business_process_manager, Business_process_manager_enterprise_service_bus, Websphere_enterprise_service_bus, Websphere_process_server | 5.4 | ||
| 2018-03-30 | CVE-2017-1765 | IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server. IBM X-Force ID: 136150. | Business_process_manager, Business_process_manager_enterprise_service_bus | 4.3 | ||
| 2018-03-30 | CVE-2017-1756 | IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 135856. | Business_process_manager, Business_process_manager_enterprise_service_bus, Websphere | 3.3 |