Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business process manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-4669
IBM Business Process Manager 8.5.7.0 up to and including 8.5.7.0 2017.06, 8.6.0.0 up to and including 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 up to and including 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL s...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
3.5
CVSSv2
CVE-2019-4204
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow
3.5
CVSSv2
CVE-2019-4410
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...
Ibm Business Automation Workflow
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager 8.5.7.0
3.5
CVSSv2
CVE-2021-38883
IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
5
CVSSv2
CVE-2020-4531
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in furth...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
5
CVSSv2
CVE-2020-4532
IBM Business Automation Workflow and IBM Business Process Manager (IBM Business Process Manager Express 8.5.5, 8.5.6, 8.5.7, and 8.6) could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This infor...
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Process Manager
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2020-4557
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2021-29751
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
4.3
CVSSv2
CVE-2021-29753
IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
4
CVSSv2
CVE-2017-1628
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorization checks.
Ibm Business Process Manager 8.6.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »