Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business process manager vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-9731
IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Business Process Manager 8.5.7.0
6.8
CVSSv2
CVE-2017-1769
IBM Business Process Manager 8.6 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 136783.
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2017-1424
IBM Business Process Manager 8.5.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...
Ibm Business Process Manager 8.5.7.0
4
CVSSv2
CVE-2021-38900
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. IBM X-Force ID: 209607.
Ibm Business Process Manager 8.5.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Process Manager 8.6.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 21.0.0.0
Ibm Workflow Process Service 21.0.2
4.3
CVSSv2
CVE-2013-6746
Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 up to and including 5.2.0 in IBM FileNet Business Process Manager 4.5.1 up to and including 5.1.0, FileNet Content Manager 4.5.1 up to and including 5.2.0, and Case Foundat...
Ibm Filenet Content Manager 5.1.0
Ibm Filenet Content Manager 5.0.0
Ibm Filenet Content Manager 4.5.1
Ibm Filenet P8 Business Process Manager 4.5.1
Ibm Filenet P8 Business Process Manager 5.0.0
Ibm Filenet Case Foundation 5.2.0
Ibm Filenet Content Manager 4.5.0
Ibm Filenet P8 Business Process Manager 5.1.0
Ibm Filenet Content Manager 5.2.0
6.8
CVSSv2
CVE-2018-2000
IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 154890.
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2021-29834
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Automation Workflow 21.0.2
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
4
CVSSv2
CVE-2021-39046
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 19.0.0.3
Ibm Business Automation Workflow 19.0.0.1
Ibm Business Automation Workflow 19.0.0.2
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Automation Workflow 21.0.2
Ibm Business Process Manager 8.5
Ibm Business Process Manager 8.6
5
CVSSv2
CVE-2019-14839
It was observed that while login into Business-central console, HTTP request discloses sensitive information like username and password when intercepted using some tool like burp suite etc.
Redhat Business-central
Redhat Descision Manager 7.0
Redhat Process Automation 7.0
4.3
CVSSv2
CVE-2022-22361
IBM Business Automation Workflow traditional 21.0.1 up to and including 21.0.3, 20.0.0.1 up to and including 20.0.0.2, 19.0.0.1 up to and including 19.0.0.3, 18.0.0.0 up to and including 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 up to and in...
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow
Ibm Business Automation Workflow 20.0.0.1
Ibm Business Automation Workflow 20.0.0.2
Ibm Business Process Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »