IBM Business Process Manager (BPM) 8.0.x up to and including 8.0.1.3, 8.5.0 up to and including 8.5.0.1, 8.5.5 up to and including 8.5.5.0, and 8.5.6 up to and including 8.5.6.0, when external Enterprise Content Management (ECM) integration is enabled with a certain technical system account configuration, allows remote authenticated users to bypass intended document-access restrictions via a (1) upload or (2) download action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm business process manager 8.0.0.0 |
||
ibm business process manager 8.0.1.0 |
||
ibm business process manager 8.0.1.2 |
||
ibm business process manager 8.5.0.1 |
||
ibm business process manager 8.0.1.1 |
||
ibm business process manager 8.0.1.3 |
||
ibm business process manager 8.5.0.0 |
||
ibm business process manager 8.5.5.0 |
||
ibm business process manager 8.5.6.0 |