CVE-2022-22361 vulnerability in IBM Products
Published on May 31, 2022
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Products Associated with CVE-2022-22361
stack.watch emails you whenever new vulnerabilities are published in IBM Business Automation Workflow or IBM Business Process Manager. Just hit a watch button to start following.
Affected Versions
IBM Business Process Manager:- Version 8.6.0.0 is affected.
- Version 8.5.0.0 is affected.
- Version 8.5.0.201706 is affected.
- Version 8.6.0.201803 is affected.
- Version 18.0.0.0 is affected.
- Version 18.0.0.1 is affected.
- Version 19.0.0.1 is affected.
- Version 19.0.0.3 is affected.
- Version 20.0.0.1 is affected.
- Version 20.0.0.2 is affected.
- Version 21.0.3 is affected.
- Version 21.0.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.