In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0
**IBM X-Force ID:**177835
**DESCRIPTION:**Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Business Automation Manager Open Editions | 9.0.0, 9.0.1 |
IBM strongly suggests the following remediation / fix: Product(s) | Version(s) | Remediation/Fix |
---|---|---|
IBM Business Automation Manager Open Editions | 9.0.0, 9.0.1 | Download 9.1.0 and follow instructions. |
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | business_automation_workflow | 9.1.0 | cpe:2.3:a:ibm:business_automation_workflow:9.1.0:*:*:*:*:*:*:* |