3 matches found
Security Bulletin: Spoofing vulnerability in IBM Business Automation Workflow (CVE-2019-4045)
Summary A Spoofing vulnerability has been found in IBM Business Automation Workflow. Vulnerability Details CVEID: CVE-2019-4045 DESCRIPTION: IBM Business Automation Workflow and IBM Business Process Manager provide embedded document management features. Because of a missing restriction in an API,...
CVE-2019-4045
IBM Business Automation Workflow and IBM Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 provide embedded document management features. Because of a missing restriction in an API, a client might spoof the last modified by value of a document. IBM X-Force ID: 156241...
CVE-2019-4045
IBM CVE-2019-4045 affects IBM Business Automation Workflow and IBM Business Process Manager, specifically versions 18.0.0.0–18.0.0.2 (and various BPM CF/iFix ranges). The root cause is a missing restriction in an API that allows a client to spoof the last-modified-by value of a document within th...