IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 130807.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm business process manager 7.5.0.0 |
||
ibm business process manager 7.5.0.1 |
||
ibm business process manager 7.5.1.0 |
||
ibm business process manager 7.5.1.1 |
||
ibm business process manager 8.0.1.0 |
||
ibm business process manager 8.0.1.1 |
||
ibm business process manager 8.5.0.0 |
||
ibm business process manager 8.5.0.1 |
||
ibm business process manager 8.5.6.0 |
||
ibm business process manager 8.5.6.1 |
||
ibm business process manager 7.5.1.2 |
||
ibm business process manager 8.0.0.0 |
||
ibm business process manager 8.0.1.2 |
||
ibm business process manager 8.0.1.3 |
||
ibm business process manager 8.5.0.2 |
||
ibm business process manager 8.5.5.0 |
||
ibm business process manager 8.5.6.2 |
||
ibm business process manager 8.5.7.0 |
Vulmon