Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-4794

Опубликовано: 21 дек. 2020
Источник: nvd
CVSS3: 5.4
CVSS3: 5.4
CVSS2: 5.5
EPSS Низкий

Описание

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:automation_workstream_services:19.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:automation_workstream_services:20.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:automation_workstream_services:20.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.2:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.0.2:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.0:-:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.0:-:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.1:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.1:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.2:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.2:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201606:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201606:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201609:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201609:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201612:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201612:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201703:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201703:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201706:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201706:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.6:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.6:*:*:*:standard:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:ibm:business_automation_workflow:18.0.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:18.0.0.1:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:18.0.0.2:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:19.0.0.0:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:19.0.0.1:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:19.0.0.2:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:19.0.0.3:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:20.0.0.0:*:*:*:docker:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:20.0.0.1:*:*:*:-:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:20.0.2.0:*:*:*:-:*:*:*

EPSS

Процентиль: 32%
0.00128
Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

github логотип

GHSA-jq8v-8c7p-26p2

github
больше 3 лет назад

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445.

EPSS

Процентиль: 32%
0.00128
Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-863