High Severity

Security Bulletin: Remote code execution vulnerability affect IBM Business Automation Workflow – CVE-2021-43138

Share this post:

IBM Business Automation Workflow is vulnerable to a remote code execution attack.

CVE(s): CVE-2021-43138

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s) Status
IBM Business Automation Workflow traditional V22.0.1 not affected
IBM Business Automation Workflow containers V22.0.1 not affected
IBM Business Automation Workflow traditional V21.0.3
V21.0.2
affected
IBM Business Automation Workflow containers V21.0.3
V21.0.2
affected
IBM Business Automation Workflow traditional V21.0.1
V20.0.0.1 – V20.0.0.2
V19.0.0.1 – V19.0.0.3
V18.0.0.0 – V18.0.0.1
not affected
IBM Business Automation Workflow containers V21.0.1
V20.0.0.1 – V20.0.0.2
not affected

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6600747
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/223605

More stories

Security Bulletin: Operations Dashboard is vulnerable to remote connection exploit by Go CVE-2022-30629

August 12, 2022 | High Severity

Operations Dashboard is vulnerable to remote connection exploit by Go CVE-2022-30629 with details below ...read more


Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to CVE-2022-31129

August 10, 2022 | High Severity

Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to CVE-2022-31129 with details below ...read more


Security Bulletin: Multiple security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

August 10, 2022 | High Severity

IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin (CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314, CVE-2022-25315). ...read more