CVE-2020-4446 vulnerability in IBM Products
Published on May 6, 2020
IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote attacker to bypass security restrictions, caused by the failure to perform insufficient authorization checks. IBM X-Force ID: 181126.
Products Associated with CVE-2020-4446
stack.watch emails you whenever new vulnerabilities are published in IBM Business Automation Workflow or IBM Business Process Manager. Just hit a watch button to start following.
Affected Versions
IBM Business Process Manager Standard:- Version 8.5.5 is affected.
- Version 8.5.7.CF201706 is affected.
- Version 8.5.7.CF201703 is affected.
- Version 8.5.7.CF201612 is affected.
- Version 8.5.7.CF201609 is affected.
- Version 8.5.7.CF201606 is affected.
- Version 8.5.7 is affected.
- Version 8.5.6.2 is affected.
- Version 8.5.6.1 is affected.
- Version 8.5.6 is affected.
- Version 8.6 is affected.
- Version 8.5.0.2 is affected.
- Version 8.5.0.1 is affected.
- Version 8.5 is affected.
- Version 8.0.1.3 is affected.
- Version 8.0.1.2 is affected.
- Version 8.0.1.1 is affected.
- Version 8.0.1 is affected.
- Version 8.0 is affected.
- Version 18.0.0.0 is affected.
- Version 19.0.0.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.