CVE-2019-4424 vulnerability in IBM Products
Published on August 20, 2019

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 162770.

NVD

Products Associated with CVE-2019-4424

stack.watch emails you whenever new vulnerabilities are published in IBM Business Automation Workflow or IBM Business Process Manager. Just hit a watch button to start following.

IBM Business Automation Workflow

IBM Business Process Manager

Affected Versions

IBM Business Automation Workflow:

Version 18.0.0.0 is affected.
Version 18.0.0.1 is affected.
Version 18.0.0.2 is affected.
Version 19.0.0.1 is affected.
Version 19.0.0.2 is affected.

Exploit Probability

EPSS

0.37%

Percentile

58.41%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-4424 vulnerability in IBM ProductsPublished on August 20, 2019

Products Associated with CVE-2019-4424

Affected Versions

Exploit Probability

CVE-2019-4424 vulnerability in IBM Products
Published on August 20, 2019