37 matches found
Security Bulletin: Spoofing vulnerability affect IBM Business Automation Workflow - Process Federation Server component - CVE-2018-25013
Summary Process Federation Server shipped with IBM Business Automation Workflow are vulnerable to a Spoofing attack. Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: swagger-ui could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a specially-crafted URL...
Security Bulletin: Apache Log4j vulnerability affects IBM Business Automation Workflow (CVE-2021-44228)
Summary Process Federation Server PFS, shipped with IBM Business Automation Workflow BAW, is vulnerable to a vulnerability caused by log4j. The vulnerability is included in the ElasticSearch client library used by PFS. The ElasticSearch vulnerable library was also shipped in offline documentation...
CVE-2021-41361
Active Directory Federation Server Spoofing Vulnerability...
Spoofing
Active Directory Federation Server Spoofing Vulnerability...
CVE-2021-41361
Technical details about CVE-2021-41361, including affected products, root cause, impact, and fixes, are not publicly provided in the connected documents. Monitor for updates from official advisories.
CVE-2021-41361 Active Directory Federation Server Spoofing Vulnerability
...
Multiple IBM Products Licensing Issues Vulnerabilities
IBM Business Process Manager BPM and so on are products of IBM Corporation in the U.S. IBM Business Process Manager is a set of integrated business process management platform.IBM Business Automation Workflow is a set of workflow automation solutions. IBM Process Federation Server Component is an...
Security Bulletin: Information disclosure and Denial of Service vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4794
Summary The optional component Process Federation Server that is shipped with IBM Business Process Manager and IBM Business Automation Workflow is vulnerable to a information disclosure and denial of service attack. Vulnerability Details CVEID: CVE-2020-4794 DESCRIPTION: IBM Process Federation...
IBM多款产品授权问题漏洞
IBM Business Process Manager BPM and so on are products of IBM Corporation in the U.S. IBM Business Process Manager is a set of integrated business process management platform.IBM Business Automation Workflow is a set of workflow automation solutions. IBM Process Federation Server Component is an...
Active Directory Federation Server Denial of Service Vulnerability
This CVE was issued by the MITRE CVE Numbering Athority. Microsoft is providing its CVSS assessment based on the analysis that we did on the vulnerability at the time that it was reported to us...
CVE-2020-4325
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the...
Design/Logic Flaw
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the...
CVE-2020-4325
CVE-2020-4325 affects IBM Process Federation Server and IBM Automation Workstream Services in Cloud Pak for Automation. The root cause is improper shutdown of thread pools used to retrieve Global Teams information, causing JVM memory to be unrecoverable and leading to OutOfMemory errors when the ...
CVE-2020-4325
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the...
Security Bulletin: IBM Process Federation Server REST API is subject to DoS attacks
Summary IBM Process Federation Server Global Teams REST API does not properly shut down the thread pools that it creates, leading to OutOfMemory exceptions, and could be targeted by DoS attacks. Vulnerability Details CVEID: CVE-2020-4325 DESCRIPTION: The IBM Process Federation Server Global Teams...
Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (Java CPU April 2016)
Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability...
Security Bulletin: Multiple security vulnerabilities in Elasticsearch might affect Process Federation Server in IBM Business Process Manager (BPM) - CVE-2015-5531, CVE-2015-5377
Summary IBM Process Federation Server is an optional component that is shipped with IBM Business Process Manager BPM V8.5.6.0. It allows the collection of task information of existing IBM Business Process Manager environments to provide a federated task list. IBM Process Federation Server uses th...