Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm business process manager 8.5.6.1 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2016-5901
Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 up to and including 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.0
356
VMScore
CVE-2017-1766
Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work on ad hoc tasks he is not assigned to. IBM X-Force ID: 136151.
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.6.0.0
312
VMScore
CVE-2017-1767
IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.6.0.0
356
VMScore
CVE-2017-1765
IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server. IBM X-Force ID: 136150.
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.6.0.0
Ibm Business Process Manager Enterprise Service Bus 8.6.0.0
312
VMScore
CVE-2017-1531
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.3
169
VMScore
CVE-2017-1346
IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan. IBM X-Force ID: 126461.
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 7.5.1.0
668
VMScore
CVE-2017-1527
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 130156.
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.2
312
VMScore
CVE-2017-1530
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.7.0
578
VMScore
CVE-2017-1539
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 13080...
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.7.0
436
VMScore
CVE-2015-7441
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 up to and including 7.5.1.2, 8.0 up to and including 8.0.1.3, 8.5.0 up to and including 8.5.0.2, 8.5.5 up to and including 8.5.5.0, and 8.5.6 up to and including 8.5.6.2 does ...
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Websphere Process Server 7.0
Ibm Business Process Manager 8.5.6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »