CVE-2020-4490 vulnerability in IBM Products
Published on May 29, 2020
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishing site. IBM X-Force ID: 181989
Products Associated with CVE-2020-4490
stack.watch emails you whenever new vulnerabilities are published in IBM Business Automation Workflow or IBM Business Process Manager. Just hit a watch button to start following.
Affected Versions
IBM Business Process Manager Advanced:- Version 8.0 is affected.
- Version 8.0.1 is affected.
- Version 8.0.1.1 is affected.
- Version 8.0.1.2 is affected.
- Version 8.5 is affected.
- Version 8.5.0.1 is affected.
- Version 8.5.5 is affected.
- Version 8.0.1.3 is affected.
- Version 8.5.6 is affected.
- Version 8.5.0.2 is affected.
- Version 8.5.7 is affected.
- Version 8.5.7.CF201609 is affected.
- Version 8.5.6.1 is affected.
- Version 8.5.6.2 is affected.
- Version 8.5.7.CF201606 is affected.
- Version 8.5.7.CF201612 is affected.
- Version 8.5.7.CF201703 is affected.
- Version 8.5.7.CF201706 is affected.
- Version 8.6 is affected.
- Version 18.0.0.0 is affected.
- Version 19.0.0.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.