Improper access control

2021-12-2119:15:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.3%

JSON

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. IBM X-Force ID: 209607.

CPENameOperatorVersion
business_automation_workfloweq18.0.0.1
business_automation_workfloweq18.0.0.0
business_automation_workfloweq18.0.0.2
business_automation_workfloweq19.0.0.0
business_automation_workfloweq20.0.0.0
business_automation_workfloweq19.0.0.1
business_automation_workfloweq21.0.0.0
business_process_managereq8.5.0.0
business_process_managereq8.6.0.0
workflow_process_serviceeq21.0.2

Name	Operator	Version
business_automation_workflow	eq	18.0.0.1
business_automation_workflow	eq	18.0.0.0
business_automation_workflow	eq	18.0.0.2
business_automation_workflow	eq	19.0.0.0
business_automation_workflow	eq	20.0.0.0
business_automation_workflow	eq	19.0.0.1
business_automation_workflow	eq	21.0.0.0
business_process_manager	eq	8.5.0.0
business_process_manager	eq	8.6.0.0
workflow_process_service	eq	21.0.2