CVE-2018-1674

🗓️ 20 Sep 2018 15:00:00Reported by ibmType

IBM BPM 8.5-8.6 & 18.0.0.0-18.0.0.1 SQL injection vulnerabilit

Reporter	Title	Published	Views	Family All 7
CNVD	IBM Business Process Manager SQL Injection Vulnerability	25 Sep 201800:00	–	cnvd
Cvelist	CVE-2018-1674	20 Sep 201815:00	–	cvelist
IBM Security Bulletins	Security Bulletin: Blind SQL injection vulnerability in IBM Business Automation Workflow and IBM Business Process Manager (CVE-2018-1674)	14 Sep 202215:02	–	ibm
EUVD	EUVD-2018-12253	7 Oct 202500:30	–	euvd
NVD	CVE-2018-1674	20 Sep 201815:29	–	nvd
OSV	CVE-2018-1674	20 Sep 201815:29	–	osv
Prion	Sql injection	20 Sep 201815:29	–	prion

NVD

Vulners

Node

ibm business_automation_workflowMatch18.0.0.0

ibm business_automation_workflowMatch18.0.0.1

ibm business_process_managerRange8.5.0.0–8.5.0.2

ibm business_process_managerMatch8.5.5.0

ibm business_process_managerMatch8.5.5.0advanced

ibm business_process_managerMatch8.5.5.0express

ibm business_process_managerMatch8.5.5.0standard

ibm business_process_managerMatch8.5.6.0cf2advanced

ibm business_process_managerMatch8.5.6.0cf2express

ibm business_process_managerMatch8.5.6.0cf2standard

ibm business_process_managerMatch8.5.7.0advanced

ibm business_process_managerMatch8.5.7.0express

ibm business_process_managerMatch8.5.7.0standard

ibm business_process_managerMatch8.5.7.0cf201706express

ibm business_process_managerMatch8.6.0.0express

ibm business_process_managerMatch8.6.0.0cf201803express

[
  {
    "product": "Business Process Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "8.5"
      },
      {
        "status": "affected",
        "version": "8.5.0.1"
      },
      {
        "status": "affected",
        "version": "8.5.5"
      },
      {
        "status": "affected",
        "version": "8.5.6"
      },
      {
        "status": "affected",
        "version": "8.5.7"
      },
      {
        "status": "affected",
        "version": "8.6"
      },
      {
        "status": "affected",
        "version": "8.6.0.CF201712"
      },
      {
        "status": "affected",
        "version": "8.5.0.2"
      },
      {
        "status": "affected",
        "version": "8.5.6.1"
      },
      {
        "status": "affected",
        "version": "8.5.6.2"
      },
      {
        "status": "affected",
        "version": "8.5.7.CF201606"
      },
      {
        "status": "affected",
        "version": "8.5.7.CF201609"
      },
      {
        "status": "affected",
        "version": "8.5.7.CF201612"
      },
      {
        "status": "affected",
        "version": "8.5.7.CF201703"
      },
      {
        "status": "affected",
        "version": "8.5.7.CF201706"
      },
      {
        "status": "affected",
        "version": "8.6.0.CF201803"
      },
      {
        "status": "affected",
        "version": "18.0.0.0"
      },
      {
        "status": "affected",
        "version": "18.0.0.1"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1041717
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/145109
ibm	www.ibm.com/support/docview.wss

21 Nov 2024 04:00Current

8.5High risk

Vulners AI Score8.5

CVSS 26.5

CVSS 36.3 - 8.8

EPSS0.00278

CWE-89