CVE-2020-4794
First published: Fri Dec 18 2020(Updated: )
IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Automation Workstream Services | =19.0.3 | |
| IBM Automation Workstream Services | =20.0.1 | |
| IBM Automation Workstream Services | =20.0.2 | |
| IBM Business Process Manager | =8.0.0.0 | |
| IBM Business Process Manager | =8.0.0.0 | |
| IBM Business Process Manager | =8.0.1.0 | |
| IBM Business Process Manager | =8.0.1.0 | |
| IBM Business Process Manager | =8.0.1.1 | |
| IBM Business Process Manager | =8.0.1.1 | |
| IBM Business Process Manager | =8.0.1.2 | |
| IBM Business Process Manager | =8.0.1.2 | |
| IBM Business Process Manager | =8.0.1.3 | |
| IBM Business Process Manager | =8.0.1.3 | |
| IBM Business Process Manager | =8.5.0.0 | |
| IBM Business Process Manager | =8.5.0.0 | |
| IBM Business Process Manager | =8.5.0.1 | |
| IBM Business Process Manager | =8.5.0.1 | |
| IBM Business Process Manager | =8.5.0.2 | |
| IBM Business Process Manager | =8.5.0.2 | |
| IBM Business Process Manager | =8.5.5.0 | |
| IBM Business Process Manager | =8.5.5.0 | |
| IBM Business Process Manager | =8.5.6.0 | |
| IBM Business Process Manager | =8.5.6.0 | |
| IBM Business Process Manager | =8.5.6.1 | |
| IBM Business Process Manager | =8.5.6.1 | |
| IBM Business Process Manager | =8.5.6.2 | |
| IBM Business Process Manager | =8.5.6.2 | |
| IBM Business Process Manager | =8.5.7.0 | |
| IBM Business Process Manager | =8.5.7.0 | |
| IBM Business Process Manager | =8.5.7.0-cf201606 | |
| IBM Business Process Manager | =8.5.7.0-cf201606 | |
| IBM Business Process Manager | =8.5.7.0-cf201609 | |
| IBM Business Process Manager | =8.5.7.0-cf201609 | |
| IBM Business Process Manager | =8.5.7.0-cf201612 | |
| IBM Business Process Manager | =8.5.7.0-cf201612 | |
| IBM Business Process Manager | =8.5.7.0-cf201703 | |
| IBM Business Process Manager | =8.5.7.0-cf201703 | |
| IBM Business Process Manager | =8.5.7.0-cf201706 | |
| IBM Business Process Manager | =8.5.7.0-cf201706 | |
| IBM Business Process Manager | =8.6 | |
| IBM Business Process Manager | =8.6 | |
| IBM Business Automation Workflow | =18.0.0.0 | |
| IBM Business Automation Workflow | =18.0.0.1 | |
| IBM Business Automation Workflow | =18.0.0.2 | |
| IBM Business Automation Workflow | =19.0.0.0 | |
| IBM Business Automation Workflow | =19.0.0.1 | |
| IBM Business Automation Workflow | =19.0.0.2 | |
| IBM Business Automation Workflow | =19.0.0.3 | |
| IBM Business Automation Workflow | =20.0.0.0 | |
| IBM Business Automation Workflow | =20.0.0.1 | |
| IBM Business Automation Workflow | =20.0.2.0 | |
| <=IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2IBM Business Automation Workflow 20.0.2 | ||
| <=V18.0, V19.0, V20.0 traditionalV20.0 containers | ||
| <=V8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm automation workstream services
- version/ibm automation workstream services/19.0.3
- version/ibm automation workstream services/20.0.1
- version/ibm automation workstream services/20.0.2
- canonical/ibm business process manager
- version/ibm business process manager/8.0.0.0
- version/ibm business process manager/8.0.1.0
- version/ibm business process manager/8.0.1.1
- version/ibm business process manager/8.0.1.2
- version/ibm business process manager/8.0.1.3
- version/ibm business process manager/8.5.0.0
- version/ibm business process manager/8.5.0.1
- version/ibm business process manager/8.5.0.2
- version/ibm business process manager/8.5.5.0
- version/ibm business process manager/8.5.6.0
- version/ibm business process manager/8.5.6.1
- version/ibm business process manager/8.5.6.2
- version/ibm business process manager/8.5.7.0
- version/ibm business process manager/8.5.7.0-cf201606
- version/ibm business process manager/8.5.7.0-cf201609
- version/ibm business process manager/8.5.7.0-cf201612
- version/ibm business process manager/8.5.7.0-cf201703
- version/ibm business process manager/8.5.7.0-cf201706
- version/ibm business process manager/8.6
- canonical/ibm business automation workflow
- version/ibm business automation workflow/18.0.0.0
- version/ibm business automation workflow/18.0.0.1
- version/ibm business automation workflow/18.0.0.2
- version/ibm business automation workflow/19.0.0.0
- version/ibm business automation workflow/19.0.0.1
- version/ibm business automation workflow/19.0.0.2
- version/ibm business automation workflow/19.0.0.3
- version/ibm business automation workflow/20.0.0.0
- version/ibm business automation workflow/20.0.0.1
- version/ibm business automation workflow/20.0.2.0
- canonical/ibm cloud pak for automation
- version/ibm cloud pak for automation/ibm automation workstream services 19.0.3, 20.0.1, 20.0.2ibm business automation workflow 20.0.2
- version/ibm business automation workflow/v18.0, v19.0, v20.0 traditionalv20.0 containers
- version/ibm business process manager/v8.6