Filtered by vendor Ibm Subscriptions
Filtered by product Business Automation Workflow Subscriptions
Total 46 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-1997 1 Ibm 2 Business Automation Workflow, Business Process Manager 2024-11-21 N/A
IBM Business Automation Workflow and Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 are vulnerable to a denial of service attack. An authenticated attacker might send a specially crafted request that exhausts server-side memory. IBM X-Force ID: 154774.
CVE-2018-1885 1 Ibm 4 Business Automation Workflow, Business Process Manager, Business Process Manager Enterprise Service Bus and 1 more 2024-11-21 N/A
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. IBM X-Force ID: 152020.
CVE-2018-1848 1 Ibm 3 Business Automation Workflow, Business Process Manager, Websphere 2024-11-21 N/A
IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150947.
CVE-2018-1674 1 Ibm 2 Business Automation Workflow, Business Process Manager 2024-11-21 N/A
IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.
CVE-2024-43188 1 Ibm 1 Business Automation Workflow 2024-09-29 4.9 Medium
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.
CVE-2024-38321 1 Ibm 1 Business Automation Workflow 2024-09-06 5.3 Medium
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.