Business Automation Workflow@19.0 Security Vulnerabilities and Issues — Business Automation Workflow@19.0 CVE List

Lucene search

IbmBusiness Automation Workflow19.0

9 matches found

CVE•added 2020/06/29 2:15 p.m.•42 views

CVE-2020-4557

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

5.4CVSS5.4AI score0.00236EPSS

CVE•added 2021/11/05 6:15 p.m.•42 views

CVE-2021-29753

IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

5.9CVSS6AI score0.0007EPSS

CVE•added 2020/09/25 5:15 p.m.•41 views

CVE-2020-4531

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the sy...

5.3CVSS4.8AI score0.00124EPSS

CVE•added 2020/09/08 3:15 p.m.•39 views

CVE-2020-4516

IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo...

5.4CVSS5.4AI score0.0006EPSS

CVE•added 2020/12/21 6:15 p.m.•39 views

CVE-2020-4794

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force I...

5.5CVSS5.3AI score0.00128EPSS

CVE•added 2021/10/22 7:15 p.m.•39 views

CVE-2021-29835

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-...

6.1CVSS5.8AI score0.00285EPSS

CVE•added 2020/09/08 3:15 p.m.•37 views

CVE-2020-4698

IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

6.4CVSS5.3AI score0.00223EPSS

CVE•added 2021/06/28 4:15 p.m.•37 views

CVE-2021-29751

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.

4.3CVSS4.4AI score0.00225EPSS

CVE•added 2021/02/11 5:15 p.m.•33 views

CVE-2020-4768

IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

5.4CVSS5.2AI score0.00111EPSS