Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm business process manager 8.5 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-29753
IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Process Manager 8.5.0.0
4.3
CVSSv2
CVE-2015-0101
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x prior to 7.5, 8.0.x prior to 8.0.1, 8.5.x prior to 8.5.5; IBM Business Process Manager Express 7.5.x prior to 7.5, 8.0.x prior to 8.0.1, 8.5.x prior to 8.5.5; and IBM Business Process Manager ...
Ibm Business Process Manager 8.5.5
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 7.5.1
Ibm Business Process Manager 8.5
Ibm Business Process Manager 7.5
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.0.1
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0
4.3
CVSSv2
CVE-2014-6176
IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and Business Process Manager Advanced 7.5.x up to and including 7.5.1.2, 8.0.x up to and including 8.0.1.3, and 8.5.x up to and including 8.5.5 disregard the SSL setting in the SCA module HTTP import binding ...
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.0
Ibm Websphere Enterprise Service Bus 7.0
Ibm Websphere Process Server 7.0
4
CVSSv2
CVE-2021-39046
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Automation Workflow 21.0.2
Ibm Business Process Manager 8.5
Ibm Business Process Manager 8.6
4
CVSSv2
CVE-2021-38900
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. IBM X-Force ID: 209607.
Ibm Business Process Manager 8.5.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 21.0.0.0
Ibm Workflow Process Service 21.0.2
4
CVSSv2
CVE-2020-4446
IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote malicious user to bypass security restrictions, caused by the failure to perform insufficient authorization checks. IBM X-Force ID: 181126.
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager
Ibm Business Automation Workflow
4
CVSSv2
CVE-2015-0110
IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL.
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 7.5.0.1
Ibm Websphere Application Server 7.2.0.3
Ibm Websphere Application Server 7.2.0.1
Ibm Websphere Application Server 7.2.0.2
Ibm Websphere Application Server 7.2.0.5
Ibm Websphere Application Server 7.2.0.4
Ibm Websphere Application Server 7.2.0.0
4
CVSSv2
CVE-2014-6182
Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x up to and including 8.0.1.3 and 8.5.x up to and including 8.5.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.2
4
CVSSv2
CVE-2014-4759
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x up to and including 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in...
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.1
3.5
CVSSv2
CVE-2021-38893
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti...
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 21.0.0.0
Ibm Workflow Process Service 21.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »