CVE-2016-9693

2017-03-07T17:59:00
ID CVE-2016-9693
Type cve
Reporter cve@mitre.org
Modified 2017-05-02T01:59:00

Description

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be considered executable and cause damage on the victim's machine. IBM Reference #: 1998655.