Business Process Manager Standard

8.0.1.3

OTHER 1 CVE

8.5.0.1

OTHER 2 CVEs

8.5.6.2

OTHER 2 CVEs

8.5.7.CF201606

OTHER 2 CVEs

8.5.7.CF201609

OTHER 2 CVEs

8.5

MAJOR_MINOR 2 CVEs

8.6

MAJOR_MINOR 2 CVEs

8.5.7.CF201703

OTHER 2 CVEs

8.5.6

SEMANTIC 2 CVEs

8.5.0.2

OTHER 2 CVEs

8.5.5

SEMANTIC 2 CVEs

8.5.6.1

OTHER 2 CVEs

8.5.7.CF201706

OTHER 2 CVEs

8.0

MAJOR_MINOR 1 CVE

8.5.7.CF201612

OTHER 2 CVEs

8.0.1.1

OTHER 1 CVE

8.0.1.2

OTHER 1 CVE

8.0.1

SEMANTIC 1 CVE

8.5.7

SEMANTIC 2 CVEs

CVE-2021-38893

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209512.

MEDIUM Dec 21, 2021

CVE-2020-4446

IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote attacker to bypass security restrictions, caused by the failure to perform insufficient authorization checks. IBM X-Force ID: 181126.

MEDIUM May 06, 2020