Security Bulletin: CVE-2015-7450 affects the desktop IBM Process Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Summary The following vulnerability in Apache commons that affects the desktop IBM Process Designer has been addressed. Vulnerability Details CVEID:CVE-2015-7450 DESCRIPTION: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and...

Security Bulletin: IBM Integration Designer is vulnerable to arbitrary code execution because of Apache Log4j (CVE-2021-4104)

Summary This fix removes the Apache Log4j.jar file from IBM Integration Designer. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write...

CVE-2021-29834

The CVE-2021-29834 entry concerns a stored cross-site scripting (XSS) vulnerability in IBM Business Automation Workflow and IBM Business Process Manager (BPM). According to IBM’s Security Bulletin, the affected versions are IBM Business Automation Workflow: V18.0, 19.0, 20.0, 21.0.2 and V20.0.2 p...