3 matches found
Security Bulletin: Insufficient authorization check for project actions in WebSphere Lombardi Edition (CVE-2014-4844)
Summary By using WebSphere Lomabrdi Edition WLE you can import and export process applications and toolkits. Although this functionality is available only to authorized users, the actual server side code accepts requests from lower privileged users. Vulnerability Details CVE ID: CVE-2014-4844 CVS...
Security Bulletin: Insufficient authorization check for project actions in IBM Business Process Manager (CVE-2014-4844)
Summary By using IBM Business Process Manager BPM you can import and export process applications and toolkits. Although this functionality is available only to authorized users, the actual server side code accepts requests from lower privileged users. Vulnerability Details CVE ID: CVE-2014-4844...
CVE-2014-4844
CVE-2014-4844 affects IBM BPM and WebSphere Lombardi Edition: import/export of process applications and toolkits can be abused by remote authenticated users due to insufficient authorization checks. Affected versions include IBM BPM Standard/Express/Advanced 7.5.x, 8.0.x, and 8.5.x; the issue exi...