CVE-2018-1674 vulnerability in IBM Products
Published on September 20, 2018
IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.
Products Associated with CVE-2018-1674
stack.watch emails you whenever new vulnerabilities are published in IBM Business Automation Workflow or IBM Business Process Manager. Just hit a watch button to start following.
Affected Versions
IBM Business Process Manager:- Version 8.5 is affected.
- Version 8.5.0.1 is affected.
- Version 8.5.5 is affected.
- Version 8.5.6 is affected.
- Version 8.5.7 is affected.
- Version 8.6 is affected.
- Version 8.6.0.CF201712 is affected.
- Version 8.5.0.2 is affected.
- Version 8.5.6.1 is affected.
- Version 8.5.6.2 is affected.
- Version 8.5.7.CF201606 is affected.
- Version 8.5.7.CF201609 is affected.
- Version 8.5.7.CF201612 is affected.
- Version 8.5.7.CF201703 is affected.
- Version 8.5.7.CF201706 is affected.
- Version 8.6.0.CF201803 is affected.
- Version 18.0.0.0 is affected.
- Version 18.0.0.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.