2 matches found
Security Bulletin: Blind SQL injection vulnerability in IBM Business Automation Workflow and IBM Business Process Manager (CVE-2018-1674)
Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to blind SQL injection due to insufficient validation of user-provided input in an API. Vulnerability Details CVEID: CVE-2018-1674 DESCRIPTION: IBM Business Process Manager is vulnerable to SQL injection. A...
CVE-2018-1674
CVE-2018-1674 affects IBM BPM 8.5.0.0–8.5.0.2, 8.5.5.0, 8.5.6.0–8.5.6.0 CF2, 8.5.7.0, 8.6.0.0–8.6.0.0 CF2018.03, and IBM BPM/Automation Workflow 18.0.0.0–18.0.0.1. The IBM Security Bulletin describes a blind SQL injection due to insufficient validation in an API, enabling a remote attacker to vie...