KLA10488
Code injection vulnerabilities in IBM BPM
Updated: 05/22/2020
Detect date
?
03/23/2015
Severity
?
Warning
Description

An unspecified vulnerabilities were found in IBM BPM. By exploiting these vulnerabilities malicious users inject arbitrary web script. This vulnerability can be exploited remotely via a specially designed URL or vectors related to data fields.

Affected products

IBM Business Process Manager 7.5 versions earlier than 7.5.1.2
IBM Business Process Manager 8.0 versions earlier than 8.0.1.3
IBM Business Process Manager 8.5 versions earlier than 8.5.0.1
IBM Business Process Manager 8.5.5 versions earlier than 8.5.5.0

Solution

Update to latest version!

Impacts
?
CI 
[?]
Related products
IBM Business Process Manager
CVE-IDS
?
CVE-2015-01054.3Warning
CVE-2015-01064.3Warning
CVE-2015-01584.3Warning
CVE-2015-01033.5Warning