Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm business process manager 8.5.5.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2014-6139
The Search REST API in IBM Business Process Manager 8.0.1.3, 8.5.0.1, and 8.5.5.0 allows remote authenticated users to bypass intended access restrictions and perform task-instance and process-instance searches by specifying a false value for the filterByCurrentUser parameter.
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.5.0
4
CVSSv2
CVE-2014-6182
Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x up to and including 8.0.1.3 and 8.5.x up to and including 8.5.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.0
4
CVSSv2
CVE-2014-4802
The Saved Search Admin component in the Process Admin Console in IBM Business Process Manager (BPM) 8.0 up to and including 8.5.5 does not properly restrict task and instance listings in result sets, which allows remote authenticated users to bypass authorization checks and obtai...
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.5.0
4
CVSSv2
CVE-2014-4759
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x up to and including 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in...
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.5.0
4
CVSSv2
CVE-2014-4758
IBM Business Process Manager (BPM) 7.5.x up to and including 8.5.5 and WebSphere Lombardi Edition 7.2.x allow remote authenticated users to bypass intended access restrictions and send requests to internal services via a callService URL.
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.2
Ibm Websphere Application Server 7.2.0.3
Ibm Websphere Application Server 7.2.0.4
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.5.5.0
Ibm Websphere Application Server 7.2
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Websphere Application Server 7.2.0.1
Ibm Websphere Application Server 7.2.0.2
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Websphere Application Server 7.2.0.5
4
CVSSv2
CVE-2014-3087
callService.do in IBM Business Process Manager (BPM) 7.5 up to and including 8.5.5 and WebSphere Lombardi Edition 7.2 up to and including 7.2.0.5 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity referen...
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.5.0
Ibm Websphere Application Server 7.2
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.0.0
3.5
CVSSv2
CVE-2021-38893
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Workflow Process Service 21.0.2
3.5
CVSSv2
CVE-2021-38883
IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2020-4698
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2020-4516
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »