Description
IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445.
CVSS breakdown
CVSS 3.0
Availability
Low
Integrity
None
Confidentiality
Low
Attack Complexity
Low
Privileges Required
Low
Scope
Unchanged
Attack Vector
Network
User Interaction
None
RC
Changed
E
Unchanged
RL
O
Affected products
- ibm / Automation Workstream Services20.0.1 – 20.0.1
- ibm / Automation Workstream Services20.0.2 – 20.0.2
- ibm / Automation Workstream Services19.0.3 – 19.0.3
- ibm / business_automation_workflow18.0 – 18.0
- ibm / business_automation_workflow19.0 – 19.0
- ibm / business_automation_workflow20.0 – 20.0
- ibm / Business Process Manager8.6 – 8.6