Ibm Cloud Pak For Automation
11 CVEs affecting Ibm Cloud Pak For Automation. Latest disclosed: 2024-03-05. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-20482 | High | 7.1 | 2021-03-30 | IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacke… |
CVE-2023-35899 | High | 7.0 | 2024-03-05 | IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is potentially… |
CVE-2023-38367 | Medium | 6.5 | 2024-02-29 | IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 2… |
CVE-2021-20359 | Medium | 6.5 | 2021-02-08 | IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer Component stores potentially sensitive information in log files th… |
CVE-2021-20358 | Medium | 6.5 | 2021-02-08 | IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in clear text in API connection log files. This information could be… |
CVE-2021-38893 | Medium | 6.4 | 2021-12-21 | IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vul… |
CVE-2021-29775 | Medium | 6.4 | 2021-06-28 | IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. This vulnera… |
CVE-2021-29872 | Medium | 5.4 | 2022-01-18 | IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of… |
CVE-2021-38966 | Medium | 5.4 | 2021-12-21 | IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu… |
CVE-2021-38900 | Medium | 4.9 | 2021-12-21 | IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitiv… |
CVE-2021-29751 | Low | 3.1 | 2021-06-28 | IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive inform… |