NotCVE - vendor:"Ibm" product:"Business Automation Workflow" version:"19.0.1"

Page 2 of 24 results (0.008 seconds)

CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0

CVE-2021-38883

https://notcve.org/view.php?id=CVE-2021-38883

17 Dec 2021 — IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209165. IBM Business Automation Workflow versiones 18.0, 19.0, 20,0 y 21.0 e IBM Business Process Manager versiones 8.5 y 8.6, son vulnerables a un ataque de ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/209165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0

CVE-2021-29753

https://notcve.org/view.php?id=CVE-2021-29753

05 Nov 2021 — IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM Business Automation Workflow versiones 18. 19, 20, 21, e IBM Business Process Manager 8.5 y d8.6, transmite o almacena credenciales de autenticación, pero usa un método no seguro que es susceptible de ser interceptado y/o recuperado sin autorización • https://exchange.xforce.ibmcloud.com/vulnerabilities/201919 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29835

https://notcve.org/view.php?id=CVE-2021-29835

22 Oct 2021 — IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204833. IBM Business Automation Workflow versiones 18.0, 19.0, 20.0 y 21.0, es vulnerable a una ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbi... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0

CVE-2021-29878

https://notcve.org/view.php?id=CVE-2021-29878

18 Oct 2021 — IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 206581. IBM Business Automation Workflow versiones 18.0, 19.0, 20.0 y 21.0, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbit... • https://exchange.xforce.ibmcloud.com/vulnerabilities/206581 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 11EXPL: 0

CVE-2021-29834

https://notcve.org/view.php?id=CVE-2021-29834

29 Sep 2021 — IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204832. IBM Business Automation Workflow versiones 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204832 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29775

https://notcve.org/view.php?id=CVE-2021-29775

28 Jun 2021 — IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203029. IBM Business Automation Workflow versiones 19.0.03 y 20.0 e IBM Cloud Pak for Automation versiones 20.0.3-IF002 y 21.0.1, son vulnerables a ataques... • https://exchange.xforce.ibmcloud.com/vulnerabilities/203029 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-29751

https://notcve.org/view.php?id=CVE-2021-29751

28 Jun 2021 — IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779. IBM Business Automation Workflow versiones 18.0, 19.0 y 20.0 e IBM Business Process Manager versiones 8.5 y 8.6, podrían permitir a un usuario autenticado obtener información confidencial sobre otro usuario bajo configuraciones no predeterminadas. IBM X-Force ID: 201779 • https://exchange.xforce.ibmcloud.com/vulnerabilities/201779 •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-4768

https://notcve.org/view.php?id=CVE-2020-4768

11 Feb 2021 — IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188907. IBM Case Manager versiones 5.2 y 5.3 e IBM Business Automation Workflow versiones 18.0, 19.0 y 20.0, son vulnerables a ataques de tipo cross-site scripting. Esta ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188907 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 51EXPL: 0

CVE-2020-4794

https://notcve.org/view.php?id=CVE-2020-4794

21 Dec 2020 — IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445. IBM Automation Workstream Services versiones 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow versiones 18.0, 19.0 y 20.0 e IBM Business Process Manager versión 8.6, podrían permitir a un usuari... • https://exchange.xforce.ibmcloud.com/vulnerabilities/189445 • CWE-863: Incorrect Authorization •

CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-4531

https://notcve.org/view.php?id=CVE-2020-4531

25 Sep 2020 — IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182715. IBM Business Automation Workflow versiones 18.0, 19.0 y 20.0 e IBM Business Process Manager versiones 8.0, 8.5 y 8.6, podrían permitir a un atacante remoto obtener información confide... • https://exchange.xforce.ibmcloud.com/vulnerabilities/182715 • CWE-252: Unchecked Return Value •

1 2 3