CVE-2020-4794
5.4
CVSS:3.0/A:L/I:N/C:L/AC:L/PR:L/S:U/AV:N/UI:N/RC:C/E:U/RL:O
Summary
IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Automation Workstream Services | 19.0.3 | affected |
| IBM | Automation Workstream Services | 20.0.1 | affected |
| IBM | Automation Workstream Services | 20.0.2 | affected |
| IBM | Business Process Manager | 8.6 | affected |
| IBM | Business Automation Workflow | 19.0 | affected |
| IBM | Business Automation Workflow | 20.0 | affected |
| IBM | Business Automation Workflow | 18.0 | affected |
Weaknesses
- Denial of Service
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6359463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/189445
References
- https://www.ibm.com/support/pages/node/6359463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/189445
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.