Latest ibm business automation workflow Vulnerabilities

CVE-2023-50947
IBM Business Automation Workflow cross-site scripting
IBM Business Automation Workflow>=19.0.0.1<=19.0.0.3
IBM Business Automation Workflow>=21.0.1<=21.0.3.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.2
IBM Business Automation Workflow=20.0.0.2
and 62 more
CVE-2023-24957
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerab...
IBM Business Automation Workflow>=19.0.0.1<=19.0.0.3
IBM Business Automation Workflow>=20.0.0.1<21.0.3
IBM Business Automation Workflow>=21.0.1<=21.0.3.1
IBM Business Automation Workflow>=22.0.1<22.0.2
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
and 51 more
CVE-2022-43864
IBM Business Automation Workflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to vi...
IBM Business Automation Workflow>=21.0.1<=21.0.3.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.2
IBM Business Automation Workflow=22.0.1
IBM Business Automation Workflow=22.0.2
IBM Business Monitor=8.5.5
and 2 more
CVE-2022-41735
IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall...
IBM Business Automation Workflow>=19.0.0.1<=19.0.0.3
IBM Business Automation Workflow>=21.0.1<=21.0.3.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.2
IBM Business Automation Workflow=20.0.0.2
and 19 more
CVE-2022-35279
IBM Business Automation Workflow could disclose sensitive version information to authenticated users which could be used in further attacks against the system.
IBM Business Automation Workflow>=18.0.0.0<=18.0.0.2
IBM Business Automation Workflow>=19.0.0.0<=19.0.0.3
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.2
IBM Business Automation Workflow=20.0.0.2
and 15 more
CVE-2022-22361
IBM Business Automation Workflow is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
IBM Business Automation Workflow>=19.0.0.1<=19.0.0.3
IBM Business Automation Workflow>=21.0.1<=21.0.3
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=20.0.0.1
IBM Business Automation Workflow=20.0.0.2
and 2 more
IBM-6564387
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
CVE-2021-39046
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Forc...
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.1
IBM Business Automation Workflow=19.0.0.2
IBM Business Automation Workflow=19.0.0.3
and 7 more
IBM-6527782
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM-6527776
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM-6527270
IBM Business Automation Workflow<=18.0.0.x, 19.0.0.x, 20.0.0.x, 21.0.x
IBM Business Process Manager<=8.5.x, 8.6.x
CVE-2021-38883
IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent...
IBM Business Automation Workflow<=18.0.0.x, 19.0.0.x, 20.0.0.x, 21.0.x
IBM Business Process Manager<=8.5.x, 8.6.x
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.0
and 14 more
CVE-2021-38900
IBM Business Automation Workflow could allow a privileged user to obtain highly sensitive information due to improper access controls.
IBM ICP4A - Workflow Process Services<=V21.0.2
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=19.0.0.1
and 5 more
IBM-6513703
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
CVE-2021-29753
IBM Business Automation Workflow transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=20.0.0.0
IBM Business Automation Workflow=21.0.0.0
and 2 more
IBM-6507319
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
CVE-2021-29835
IBM Business Automation Workflow and IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering ...
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=20.0.0.0
IBM Business Automation Workflow=21.0.0.0
CVE-2021-29878
IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent...
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=19.0.0.1
and 6 more
IBM-6501949
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM-6493271
IBM Business Automation Workflow<=V21.0V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
CVE-2021-29834
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored cross-s...
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.1
IBM Business Automation Workflow=19.0.0.2
IBM Business Automation Workflow=19.0.0.3
and 7 more
CVE-2021-29751
IBM Business Automation Workflow could allow an authenticated user to obtain sensitive information about another user under nondefault configurations.
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=20.0.0.0
IBM Business Process Manager=8.5.0.0
and 1 more
CVE-2021-29775
IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall...
IBM Business Automation Workflow<=V20.0V19.0.0.3
IBM Business Automation Workflow=19.0.0.3
IBM Business Automation Workflow=20.0.0.0
IBM Cloud Pak for Automation=20.0.3-if002
IBM Cloud Pak for Automation=21.0.1
IBM-6467055
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
CVE-2020-4768
IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the...
IBM Business Automation Workflow>=18.0.0.0<=20.0.0.2
IBM Case Manager>=5.2.0<=5.3.3
IBM Business Automation Workflow<=V18.0.0.x
IBM Business Automation Workflow<=V19.0.0.x
IBM Business Automation Workflow<=V20.0.0.1
IBM Case Manager<=V5.3.x
and 1 more
IBM-6414377
IBM Business Automation Workflow<=V18.0.0.x
IBM Business Automation Workflow<=V19.0.0.x
IBM Business Automation Workflow<=V20.0.0.1
IBM Case Manager<=V5.3.x
IBM Case Manager<=V5.2.x
IBM-6359463
IBM Cloud Pak for Automation<=IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2IBM Business Automation Workflow 20.0.2
IBM Business Automation Workflow<=V18.0, V19.0, V20.0 traditionalV20.0 containers
IBM Business Process Manager<=V8.6
CVE-2020-4794
IBM Process Federation Server Component, IBM Business Automation Workflow and IBM Business Process Manager could allow an authenticated user to obtain sensitive information or cuase a denial of servic...
IBM Cloud Pak for Automation<=IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2IBM Business Automation Workflow 20.0.2
IBM Business Automation Workflow<=V18.0, V19.0, V20.0 traditionalV20.0 containers
IBM Business Process Manager<=V8.6
IBM Automation Workstream Services=19.0.3
IBM Automation Workstream Services=20.0.1
IBM Automation Workstream Services=20.0.2
and 48 more
IBM-6373004
IBM Business Automation Workflow<=V19.0.0.3 with interim fix JR62240
CVE-2020-4900
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 190991.
IBM Business Automation Workflow=19.0.0.3
IBM Business Automation Workflow<=V19.0.0.3 with interim fix JR62240
CVE-2020-4672
IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali...
IBM Business Automation Workflow=20.0.0.1
IBM-6367813
IBM Business Automation Workflow<=V20.0
CVE-2020-4531
IBM Business Automation Workflow and IBM Business Process Manager could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Thi...
IBM Business Automation Workflow<=V20.0V19.0 V18.0
IBM Business Process Manager<=V8.6V8.5 V8.0
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=20.0.0.0
IBM Business Process Manager=8.0.0.0
and 2 more
IBM-6336935
IBM Business Automation Workflow<=V20.0V19.0 V18.0
IBM Business Process Manager<=V8.6V8.5 V8.0
CVE-2020-4530
IBM Business Automation Workflow and IBM Business Process Manager are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering...
IBM Business Automation Workflow<=C.D.0
IBM Business Process Manager<=8.0, 8.5, 8.6
IBM Business Automation Workflow<20.0.0.2
IBM Business Process Manager>=8.0.0.0<8.0.1.0
IBM Business Process Manager>=8.5.0.0<8.5.7.0
IBM Business Process Manager=8.6.0.0
IBM-6332417
IBM Business Automation Workflow<=C.D.0
IBM Business Process Manager<=8.0, 8.5, 8.6
CVE-2020-4698
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaSc...
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=19.0.0.1
IBM Business Automation Workflow=19.0.0.2
and 30 more
CVE-2020-4516
IBM Business Process Manager and IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering ...
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=18.0.0.2
IBM Business Automation Workflow=19.0.0.0
and 32 more
IBM-6326901
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM-6326825
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM-6241338
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
CVE-2020-4557
IBM Business Automation Workflow and IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering ...
IBM Business Automation Workflow<=V20.0V19.0V18.0
IBM Business Process Manager<=V8.6V8.5
IBM Business Automation Workflow=18.0.0.0
IBM Business Automation Workflow=19.0.0.0
IBM Business Automation Workflow=20.0.0.0
IBM Business Process Manager=8.5.0.0
and 1 more
CVE-2020-4532
IBM Business Automation Workflow and IBM Business Process Manager (IBM Business Process Manager Express 8.5.5, 8.5.6, 8.5.7, and 8.6) could allow a remote attacker to obtain sensitive information when...
IBM Business Automation Workflow=18.0.0.1
IBM Business Automation Workflow=19.0.0.3
IBM Business Process Manager>=8.5.5.0<8.5.7.0
IBM Business Process Manager=8.6.0.0
IBM Business Automation Workflow<=V19.0.0.3 note that 19.0.0.1 and 19.0.0.2 are NOT affected)V18.0.0.1
IBM Business Process Manager<=V8.6V8.5 (8.5.5.0 and later)
IBM-6233276
IBM Business Automation Workflow<=V19.0.0.3 note that 19.0.0.1 and 19.0.0.2 are NOT affected)V18.0.0.1
IBM Business Process Manager<=V8.6V8.5 (8.5.5.0 and later)
IBM-6217550
IBM Business Automation Workflow<=V19.0V18.0
IBM Business Process Manager<=V8.6V8.5V8.0
IBM-6205805
IBM Business Automation Workflow<=V19.0V18.0
IBM Business Process Manager<=V8.6V8.5V8.0
CVE-2020-4446
IBM Business Process Manager and IBM Business Automation Workflow could allow a remote attacker to bypass security restrictions, caused by the failure to perform insufficient authorization checks.
IBM Business Automation Workflow<=V19.0V18.0
IBM Business Process Manager<=V8.6V8.5V8.0
IBM Business Automation Workflow>=18.0.0.0<=18.0.0.2
IBM Business Automation Workflow>=19.0.0.1<=19.0.0.3
IBM Business Process Manager>=8.0.0.0<=8.0.1.3
IBM Business Process Manager>=8.5.0.0<=8.5.7.0
and 1 more
CVE-2019-4669
IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote...
IBM Business Process Manager=8.5.7.0
IBM Business Process Manager=8.5.7.0-cf201606
IBM Business Process Manager=8.5.7.0-cf201609
IBM Business Process Manager=8.5.7.0-cf201612
IBM Business Process Manager=8.5.7.0-cf201703
IBM Business Process Manager=8.5.7.0-cf201706
and 7 more
IBM-3552261
IBM Business Process Manager<=8.5.7.0 - 8.5.7.0 2017.06
IBM Business Process Manager<=8.6.0.0 - 8.6.0.0 CF2018.03
IBM Business Automation Workflow<=18.0.0.1 - 19.0.0.3
IBM-1135552
IBM Business Automation Workflow<=18.0 19.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203