CVE-2018-1885

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. IBM X-Force ID: 152020.

Link	Resource
https://www.ibm.com/support/docview.wss?uid=ibm10878106	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/152020	Vendor Advisory VDB Entry
http://www.securityfocus.com/bid/107863	VDB Entry Third Party Advisory

Configuration 1

cpe:2.3:a:ibm:business_automation_workflow:18.0.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_automation_workflow:18.0.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_automation_workflow:18.0.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.5.6.0:cf1:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.5.6.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.5.6.0:cf2:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf2017.06:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager_enterprise_service_bus:8.6:*:*:*:*:*:*:* cpe:2.3:a:ibm:business_process_manager:8.6.0.0:cf2018.03:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_enterprise_service_bus:*:*:*:*:*:*:*:*

---

Published : 2019-04-08 03:29

Updated : 2019-10-09 11:39

---

NVD link : CVE-2018-1885

Mitre link : CVE-2018-1885

No products.

CWE-200