Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm cloud pak for automation vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-38966
IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
Ibm Cloud Pak For Automation 21.0.2
Ibm Workflow Process Service 21.0.2
5.4
CVSSv3
CVE-2021-29775
IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 20.0.0.0
Ibm Cloud Pak For Automation 20.0.3-if002
Ibm Cloud Pak For Automation 21.0.1
7.1
CVSSv3
CVE-2021-20482
IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 197504.
Ibm Cloud Pak For Automation 20.0.2
Ibm Cloud Pak For Automation 20.0.3
6.5
CVSSv3
CVE-2021-20358
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in clear text in API connection log files. This information could be obtained by a user with permissions to read log files. IBM X-Force ID: 194965.
Ibm Cloud Pak For Automation 20.0.2
Ibm Cloud Pak For Automation 20.0.3
6.5
CVSSv3
CVE-2021-20359
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer Component stores potentially sensitive information in log files that could be obtained by an unauthorized user. IBM X-Force ID: 194966.
Ibm Cloud Pak For Automation 20.0.2
Ibm Cloud Pak For Automation 20.0.3
6.5
CVSSv3
CVE-2020-4325
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can...
Ibm Cloud Pak For Automation 19.0.3
Ibm Process Federation Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4