Business Automation Workflow@22.0.2 Security Vulnerabilities and Issues — Business Automation Workflow@22.0.2 CVE List

Lucene search

IbmBusiness Automation Workflow22.0.2

5 matches found

CVE•added 2023/01/26 9:17 p.m.•81 views

CVE-2022-43864

IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427.

7.5CVSS7.3AI score0.00072EPSS

CVE•added 2023/05/06 3:15 a.m.•55 views

CVE-2023-24957

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func...

5.4CVSS5.2AI score0.00092EPSS

CVE•added 2024/09/18 12:15 p.m.•45 views

CVE-2024-43188

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.

4.9CVSS4.9AI score0.00091EPSS

CVE•added 2024/02/04 1:15 a.m.•37 views

CVE-2023-50947

IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-...

5.4CVSS5.2AI score0.00107EPSS

CVE•added 2024/08/03 2:15 p.m.•31 views

CVE-2024-38321

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.

6.5CVSS4.8AI score0.00106EPSS