CVE-2021-38900 vulnerability in IBM Products
Published on December 21, 2021

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. IBM X-Force ID: 209607.

NVD

Products Associated with CVE-2021-38900

Want to know whenever a new CVE is published for IBM products? stack.watch will email you.

IBM Business Automation Workflow

IBM Business Process Manager

IBM Workflow Process Service

Affected Versions

IBM Business Automation Workflow:

Version 18.0.0.0 is affected.
Version 18.0.0.1 is affected.
Version 18.0.0.2 is affected.
Version 19.0.0.1 is affected.
Version 19.0.0.2 is affected.
Version 19.0.0.3 is affected.
Version 20.0.0.1 is affected.
Version 20.0.0.2 is affected.
Version 21.0.2 is affected.

IBM Cloud Pak for Automation:

Version 21.0.2 is affected.

Exploit Probability

EPSS

0.25%

Percentile

47.67%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-38900 vulnerability in IBM ProductsPublished on December 21, 2021

Products Associated with CVE-2021-38900

Affected Versions

Exploit Probability

CVE-2021-38900 vulnerability in IBM Products
Published on December 21, 2021