CVE-2018-1674

IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.
Configurations

Configuration 1

cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:advanced:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:advanced:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.6.0.0:*:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf201706:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.0:cf2:*:*:advanced:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.0:cf2:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.5.6.0:cf2:*:*:standard:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:18.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:business_automation_workflow:18.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:business_process_manager:8.6.0.0:cf201803:*:*:express:*:*:*
cpe:2.3:a:ibm:business_process_manager:*:*:*:*:*:*:*:*

Information

Published : 2018-09-20 03:29

Updated : 2019-10-09 11:38


NVD link : CVE-2018-1674

Mitre link : CVE-2018-1674

Products Affected
No products.
CWE