3 matches found
CVE-2018-1885
The CVE-2018-1885 issue affects IBM software in the IBM Business Automation Workflow family (V18.0.0.0–18.0.0.2) and related BPM components, where an unauthenticated attacker could obtain sensitive information via a specially crafted HTTP request. The underlying vulnerability relates to an Extern...
CVE-2014-6176
CVE-2014-6176 affects IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and IBM Business Process Manager Advanced (7.5.x up to 7.5.1.2, 8.0.x up to 8.0.1.3, and 8.5.x up to 8.5.5). The vulnerability arises because the SCA module HTTP binding ignores the SSL setting from the ...
CVE-2018-1384
CVE-2018-1384 affects IBM Business Process Manager (BPM) 8.6 with a cross-site scripting flaw in the Web UI that can let an attacker inject arbitrary JavaScript, potentially leading to credentials disclosure in a trusted session. The IBM Security Bulletin lists affected BPM/PS/WESB offerings and ...