7 matches found
CVE-2024-49348
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly...
Security Bulletin: Weak authorization IBM Business Automation Workflow - CVE-2024-49348
Summary IBM Business Automation Workflow is vulnerable may return sensitive information in unexpected scenarios. Vulnerability Details CVEID:CVE-2024-49348 DESCRIPTION: IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2,...
CVE-2024-49348
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly...
CVE-2024-49348
creationtimestamp| type| source ---|---|--- 2025-02-05 11:34:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113951067139075642 2025-02-05 12:16:05+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhgkfgvy3r2j 2025-02-05 14:58:14+00:00| seen|...
CVE-2024-49348 IBM Cloud Pak for Business Automation incorrect privilege assignment
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly...
CVE-2024-49348 IBM Cloud Pak for Business Automation incorrect privilege assignment
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly...
CVE-2024-49348
CVE-2024-49348 affects IBM Cloud Pak for Business Automation (versions 18.0.0 through 22.0.2). The issue is described as an incorrect privilege assignment that can restrict access to organizational data to valid contexts, with the root cause being that tasks of type comment can be reassigned via ...