Medium Severity

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4757, PSIRT-ADV0028011, CVE-2020-4934

Share this post:

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities.

CVE(s): CVE-2020-4934, CVE-2020-4757, Third Party Entry:   177835

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Business Automation Workflow 19.0.0.x
IBM Business Automation Workflow 20.0.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6445795
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/191752
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188600

More stories

Security Bulletin: WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2021-20492)

Jun 19, 2021 8:00 pm EDT | Medium Severity

WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed. ...read more


Security Bulletin: IBM Security Identity Manager Virtual Appliance deprecated Self Service UI contains Struts V1 (CVE-2016-1182)

Jun 17, 2021 8:00 pm EDT | Medium Severity

IBM Security Identity Manager Virtual Appliance made code changes to remove the deprecated function and its associated Struts V1 code library. ...read more


Security Bulletin: IBM Security Identity Manager deprecated Self Service UI contains Struts V1 (CVE-2016-1182)

Jun 17, 2021 8:00 pm EDT | Medium Severity

IBM Security Identity Manager made code changes to remove the deprecated function and its related Struts V1 code library. ...read more