CVE-2019-4669 vulnerability in IBM Products
Published on February 27, 2020

IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 171254.

NVD

Products Associated with CVE-2019-4669

stack.watch emails you whenever new vulnerabilities are published in IBM Business Automation Workflow or IBM Business Process Manager. Just hit a watch button to start following.

IBM Business Automation Workflow

IBM Business Process Manager

Affected Versions

IBM Business Automation Workflow:

Version 18.0.0.1 is affected.
Version 19.0.0.3 is affected.

IBM Business Process Manager:

Version 8.6.0.0 is affected.
Version 8.5.7.0 is affected.
Version 8.6.0.0.CF2018.03 is affected.
Version 8.5.7.0.2017.06 is affected.

Exploit Probability

EPSS

0.27%

Percentile

49.67%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-4669 vulnerability in IBM ProductsPublished on February 27, 2020

Products Associated with CVE-2019-4669

Affected Versions

Exploit Probability

CVE-2019-4669 vulnerability in IBM Products
Published on February 27, 2020