CVE-2021-29751

Summary

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.

Affected Software

VendorProductVersion RangeStatus
IBMBusiness Process Manager8.5affected
IBMBusiness Process Manager8.6affected
IBMBusiness Automation Workflow18.0affected
IBMBusiness Automation Workflow19.0affected
IBMBusiness Automation Workflow20.0affected
IBMCloud Pak for Automation20.0.3.IF002affected
IBMCloud Pak for Automation21.0.1affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References