Multiple IBM Products Licensing Issues Vulnerabilities

IBM Business Process Manager BPM and so on are products of IBM Corporation in the U.S. IBM Business Process Manager is a set of integrated business process management platform.IBM Business Automation Workflow is a set of workflow automation solutions. IBM Process Federation Server Component is an...

Authorization

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force...

CVE-2020-4794

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force...

CVE-2020-4794

CVE-2020-4794 affects IBM Automation Workstream Services (19.0.3, 20.0.1, 20.0.2), IBM Business Automation Workflow (18.0, 19.0, 20.0; containerized 20.0), and IBM Business Process Manager 8.6. The issue is an authorization checking flaw that could allow an authenticated user to obtain sensitive ...

Security Bulletin: IBM Process Federation Server REST API is subject to DoS attacks

Summary IBM Process Federation Server Global Teams REST API does not properly shut down the thread pools that it creates, leading to OutOfMemory exceptions, and could be targeted by DoS attacks. Vulnerability Details CVEID: CVE-2020-4325 DESCRIPTION: The IBM Process Federation Server Global Teams...