Medium Severity
Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4698
Sep 4, 2020 8:00 pm EDT
Categorized: Medium Severity
Share this post:
IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Business Automation Workflow | V20.0 V19.0 V18.0 |
| IBM Business Process Manager | V8.6 V8.5 |
For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6326825
Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – Java SE (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798)
Feb 25, 2021 7:00 pm EST | Medium Severity
IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798) ...read more
Security Bulletin: A Security Vulnerability affects IBM Cloud Private – OpenSSL (CVE-2019-1551)
Feb 25, 2021 7:00 pm EST | Medium Severity
A Security Vulnerability affects IBM Cloud Private ...read more
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Oct 2020
Feb 25, 2021 7:00 pm EST | Medium Severity
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10-FP70 and Version 8 SR6-FP15 used by IBM Tivoli Application Dependency Discovery Manager (TADDM). These issues were disclosed as part of the IBM Java SDK updates in Oct2020. ...read more