Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
automation manager vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-1997
IBM Business Automation Workflow and Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 are vulnerable to a denial of service attack. An authenticated attacker might send a specially crafted request that exhausts server-side memory. IBM X-Force ID: 154774.
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.0
4.3
CVSSv2
CVE-2021-29753
IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
3.5
CVSSv2
CVE-2021-38893
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Automation Workflow 20.0.0.0
Ibm Business Automation Workflow 21.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.6.0.0
Ibm Workflow Process Service 21.0.2
4
CVSSv2
CVE-2018-1999
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889.
Ibm Business Automation Workflow 18.0.0.2
Ibm Business Automation Workflow 18.0.0.1
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.0
6.8
CVSSv2
CVE-2018-11455
A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote malicious user to move arbitrary files, which can result in code execu...
Siemens Automation License Manager
5
CVSSv2
CVE-2018-11456
A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine whether or not a network port on another remote system is accessible or not. Th...
Siemens Automation License Manager
5
CVSSv2
CVE-2011-4530
Siemens Automation License Manager (ALM) 4.0 up to and including 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote malicious users to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) o...
Siemens Automation License Manager
1 EDB exploit
6.4
CVSSv2
CVE-2016-8565
Siemens Automation License Manager (ALM) prior to 5.3 SP3 allows remote malicious users to write to files, rename files, create directories, or delete directories via crafted packets.
Siemens Automation License Manager
7.5
CVSSv2
CVE-2011-4529
Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 up to and including 5.1+SP1+Upd1 allow remote malicious users to execute arbitrary code via a long serialid field in an _licensekey command, as demonstrated by the (1) check_licensekey or (2) read_licenseke...
Siemens Automation License Manager
1 EDB exploit
NA
CVE-2022-2457
A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of unsuccessful login attempts.
Redhat Process Automation Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »