2 matches found
CVE-2019-4711
CVE-2019-4711 is detailed in IBM’s Security Bulletin for IBM Business Automation Workflow (BAW) 19.0.0.2 with fix JR61324. The issue is an unvalidated TLS certificate import during the registration process to the Resource Registry, allowing a man‑in‑the‑middle attacker to add a signer certificate...
Security Bulletin: Unvalidated certificate import in IBM Business Automation Workflow (CVE-2019-4711)
Summary APAR JR61324 is available for IBM Business Automation Workflow BAW 19.0.0.2. It introduces a new API to register BAW at Resource Registry to support integrating processes in App Designer in Cloud Pak for Automation. During the registration process a TLS certifcate is imported without...