Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
process automation vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-4446
IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote malicious user to bypass security restrictions, caused by the failure to perform insufficient authorization checks. IBM X-Force ID: 181126.
Ibm Business Automation Workflow
Ibm Business Process Manager
Ibm Business Process Manager 8.6.0.0
6.3
CVSSv3
CVE-2019-4669
IBM Business Process Manager 8.5.7.0 up to and including 8.5.7.0 2017.06, 8.6.0.0 up to and including 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 up to and including 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL s...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
5.4
CVSSv3
CVE-2019-4204
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
5.4
CVSSv3
CVE-2019-4410
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...
Ibm Business Automation Workflow
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager 8.5.7.0
5.4
CVSSv3
CVE-2019-4149
IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03, V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06, and V8.5.6.0 through V8.5.6.0 CF2 is vulnerable to cross-site scripting. This vulnerab...
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Automation Workflow
6.5
CVSSv3
CVE-2023-45189
A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 up to and including 21.0.7.10, 23.0.0 up to and including 23.0.10 may result in access to client vault credentials. This difficult to exploit vulnerability could allow a low ...
Ibm Robotic Process Automation For Cloud Pak
4.3
CVSSv3
CVE-2019-4045
IBM Business Automation Workflow and IBM Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 provide embedded document management features. Because of a missing restriction in an API, a client might spoof the last modified by value of a document. IBM X-Force ID: 156241.
Ibm Business Process Manager
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
8.2
CVSSv3
CVE-2019-4424
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory reso...
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
5.7
CVSSv3
CVE-2019-4425
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow a user to obtain highly sensitive information from another user by inserting links that would be clicked on by unsuspecting users. IBM X-Force ID: 162771.
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager
Ibm Business Process Manager 8.5.6.0
Ibm Business Automation Workflow
Ibm Business Process Manager 8.6.0.0
4.9
CVSSv3
CVE-2021-39046
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Automation Workflow 21.0.2
Ibm Business Process Manager 8.5
Ibm Business Process Manager 8.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »