Business Process Manager@7.5.0.0 Security Vulnerabilities and Issues — Business Process Manager@7.5.0.0 CVE List

Lucene search

IbmBusiness Process Manager7.5.0.0

3 matches found

CVE•added 2018/03/30 4:29 p.m.•42 views

CVE-2017-1756

IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 135856.

4CVSS3.4AI score0.00111EPSS

CVE•added 2018/03/30 4:29 p.m.•35 views

CVE-2018-1384

IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138135.

5.4CVSS5.2AI score0.0039EPSS

CVE•added 2018/03/15 10:29 p.m.•34 views

CVE-2015-7463

IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2 allow remote authenticated users to delete process and task data by leveraging incorrect authorization checks. IBM X-Force ID: 108393.

5.5CVSS4.5AI score0.00085EPSS