2 matches found
CVE-2022-2458
CVE-2022-2458 is an XML External Entity (XXE) vulnerability affecting IBM Business Automation Manager/Open Editions (Business Central) and Kie-Server APIs. The weakness arises from processing XML input with external entities due to a weakly configured XML parser, enabling an attacker to cause Ext...
CVE-2022-2457
CVE-2022-2457 affects Red Hat Process Automation Manager 7, where the Administration Console is vulnerable to brute-force login attempts due to no limit on failed logins. NVD/V3.1 reports a CRITICAL base score (CVSS:3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Multiple connected documents corrobora...