Required CVE Record Information
Description
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 4.3 | MEDIUM | 3.0 | CVSS:3.0/PR:N/S:U/C:N/A:N/AC:L/AV:N/UI:R/I:L/RC:C/RL:O/E:U |
Product Status
Learn moreVersions 4 Total
Default Status: unknown
affected
Versions 8 Total
Default Status: unknown
affected
References 2 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://www.ibm.com/support/pages/node/6590411 x_transferred
- exchange.xforce.ibmcloud.com: ibm-baw-cve202222361-csrf (220784) vdb-entryx_transferred