CVE-2024-38321

🗓️ 03 Aug 2024 13:34:16Reported by ibmType

IBM Business Automation Workflow stores sensitive information in log file

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: Information disclosure vulnerability affects IBM Business Automation Workflow - CVE-2024-38321	3 Feb 202522:45	–	ibm
Circl	CVE-2024-38321	3 Aug 202416:46	–	circl
CNVD	IBM Business Automation Workflow Log Information Disclosure Vulnerability	6 Aug 202400:00	–	cnvd
Cvelist	CVE-2024-38321 IBM Business Automation Workflow information disclosure	3 Aug 202413:34	–	cvelist
EUVD	EUVD-2024-37265	3 Oct 202520:07	–	euvd
NVD	CVE-2024-38321	3 Aug 202414:15	–	nvd
Positive Technologies	PT-2024-27942 · Ibm · Ibm Business Automation Workflow	3 Aug 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-38321	23 May 202510:21	–	redhatcve
Vulnrichment	CVE-2024-38321 IBM Business Automation Workflow information disclosure	3 Aug 202413:34	–	vulnrichment

NVD

Vulners

Node

ibm business_automation_workflowMatch20.0.0.1containers

ibm business_automation_workflowMatch20.0.0.2containers

ibm business_automation_workflowMatch21.0.2containers

ibm business_automation_workflowMatch21.0.3-containers

ibm business_automation_workflowMatch21.0.3if002containers

ibm business_automation_workflowMatch21.0.3if005containers

ibm business_automation_workflowMatch21.0.3if006containers

ibm business_automation_workflowMatch21.0.3if007containers

ibm business_automation_workflowMatch21.0.3if008containers

ibm business_automation_workflowMatch21.0.3if009containers

ibm business_automation_workflowMatch21.0.3if010containers

ibm business_automation_workflowMatch21.0.3if011containers

ibm business_automation_workflowMatch21.0.3if012containers

ibm business_automation_workflowMatch21.0.3if013containers

ibm business_automation_workflowMatch21.0.3if014containers

ibm business_automation_workflowMatch21.0.3if015containers

ibm business_automation_workflowMatch21.0.3if016containers

ibm business_automation_workflowMatch21.0.3if017containers

ibm business_automation_workflowMatch21.0.3if028containers

ibm business_automation_workflowMatch21.0.3if029containers

ibm business_automation_workflowMatch21.0.3if030containers

ibm business_automation_workflowMatch21.0.3if031containers

ibm business_automation_workflowMatch21.0.3if032containers

ibm business_automation_workflowMatch21.0.3if033containers

ibm business_automation_workflowMatch21.0.3if034containers

ibm business_automation_workflowMatch22.0.1containers

ibm business_automation_workflowMatch22.0.2containers

ibm business_automation_workflowMatch23.0.1containers

ibm business_automation_workflowMatch23.0.2containers

Node

ibm business_automation_workflowRange19.0.0.1–19.0.0.3traditional

ibm business_automation_workflowRange20.0.0.1–20.0.0.2traditional

ibm business_automation_workflowRange21.0.1–21.0.3.0traditional

ibm business_automation_workflowRange22.0.1–22.0.2traditional

ibm business_automation_workflowRange23.0.1–23.0.2traditional

Node

ibm business_automation_workflowRange23.0.1–23.0.2enterprise_service_bus

ibm business_automation_workflowMatch22.0.2enterprise_service_bus

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:business_automation_workflow:22.0.2:*:*:*:-:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow:23.0.1:*:*:*:-:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow:23.0.2:*:*:*:-:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow:24.0.0:*:*:*:-:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Business Automation Workflow",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "22.0.2, 23.0.1, 23.0.2, 24.0.0"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/294868
ibm	www.ibm.com/support/pages/node/7162334

06 Sep 2024 14:50Current

4.8Medium risk

Vulners AI Score4.8

CVSS 3.15.3 - 6.5

EPSS0.00077

SSVC

CWE-532