Описание
IBM Business Automation Workflow
22.0.2, 23.0.1, 23.0.2, and 24.0.0
could allow a privileged user to perform unauthorized activities due to improper client side validation.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 18.0.0.1 (включая) до 18.0.0.3 (включая)Версия от 19.0.0.1 (включая) до 19.0.0.3 (включая)Версия от 21.0.1 (включая) до 21.0.3.1 (включая)
Одно из
cpe:2.3:a:ibm:business_automation_workflow:*:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:*:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:*:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:22.0.2:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:23.0.1:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:23.0.2:*:*:*:traditional:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:24.0.0:*:*:*:traditional:*:*:*
EPSS
Процентиль: 25%
0.00085
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-602
NVD-CWE-Other
Связанные уязвимости
CVSS3: 4.9
github
больше 1 года назад
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.
EPSS
Процентиль: 25%
0.00085
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-602
NVD-CWE-Other