First published: Mon Oct 17 2022(Updated: )
IBM Business Automation Workflow could disclose sensitive version information to authenticated users which could be used in further attacks against the system.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Business Automation Workflow | >=18.0.0.0<=18.0.0.2 | |
IBM Business Automation Workflow | >=19.0.0.0<=19.0.0.3 | |
IBM Business Automation Workflow | =20.0.0.1 | |
IBM Business Automation Workflow | =20.0.0.1 | |
IBM Business Automation Workflow | =20.0.0.2 | |
IBM Business Automation Workflow | =20.0.0.2 | |
IBM Business Automation Workflow | =21.0.1 | |
IBM Business Automation Workflow | =21.0.2 | |
IBM Business Automation Workflow | =21.0.2 | |
IBM Business Automation Workflow | =21.0.3 | |
IBM Business Automation Workflow | =21.0.3-if002 | |
IBM Business Automation Workflow | =21.0.3-if005 | |
IBM Business Automation Workflow | =21.0.3-if006 | |
IBM Business Automation Workflow | =21.0.3-if007 | |
IBM Business Automation Workflow | =21.0.3-if008 | |
IBM Business Automation Workflow | =21.0.3-if009 | |
IBM Business Automation Workflow | =21.0.3-if010 | |
IBM Business Automation Workflow | =21.0.3-if011 | |
IBM Business Automation Workflow | =22.0.1 | |
IBM Business Automation Workflow | =22.0.1 | |
IBM Business Automation Workflow | =22.0.1-if001 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-35279 is a vulnerability in IBM Business Automation Workflow that could disclose sensitive version information to authenticated users.
CVE-2022-35279 affects IBM Business Automation Workflow versions 18.0.0.0 to 18.0.0.2, 19.0.0.0 to 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2 to 21.0.3, and 22.0.1.
CVE-2022-35279 has a severity level of medium with a CVSS score of 4.3.
Authenticated users can exploit CVE-2022-35279 to obtain sensitive version information that could be used for further attacks against the system.
You can find more information about CVE-2022-35279 at the IBM X-Force Exchange website and the IBM support pages.