Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm business process manager 8.5.5.0 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2017-1494
IBM Business Process Manager 8.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
356
VMScore
CVE-2014-6139
The Search REST API in IBM Business Process Manager 8.0.1.3, 8.5.0.1, and 8.5.5.0 allows remote authenticated users to bypass intended access restrictions and perform task-instance and process-instance searches by specifying a false value for the filterByCurrentUser parameter.
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.5.0
356
VMScore
CVE-2014-4759
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x up to and including 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in...
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.5.0
445
VMScore
CVE-2014-3076
IBM Business Process Manager (BPM) 8.5 up to and including 8.5.5 allows remote malicious users to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page.
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.1
356
VMScore
CVE-2017-1766
Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work on ad hoc tasks he is not assigned to. IBM X-Force ID: 136151.
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.6.0.0
312
VMScore
CVE-2017-1767
IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.6.0.0
383
VMScore
CVE-2015-8524
Cross-site scripting (XSS) vulnerability in Process Portal in IBM Business Process Manager 8.5.0.x up to and including 8.5.0.2, 8.5.5.x up to and including 8.5.5.0, and 8.5.6.x up to and including 8.5.6.2 allows remote malicious users to inject arbitrary web script or HTML via a ...
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.1
356
VMScore
CVE-2019-4045
IBM Business Automation Workflow and IBM Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 provide embedded document management features. Because of a missing restriction in an API, a client might spoof the last modified by value of a document. IBM X-Force ID: 156241.
Ibm Business Process Manager
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
570
VMScore
CVE-2019-4424
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory reso...
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
312
VMScore
CVE-2019-4425
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow a user to obtain highly sensitive information from another user by inserting links that would be clicked on by unsuspecting users. IBM X-Force ID: 162771.
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager
Ibm Business Process Manager 8.5.6.0
Ibm Business Automation Workflow
Ibm Business Process Manager 8.6.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »