Published: 20/09/2018 Updated: 09/10/2019
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

IBM Business Process Manager 8.5 up to and including 8.6 and up to and including are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.

Vulnerability Trend