Vulnerability Details CVE-2021-29751
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.2%
CVSS Severity
CVSS v3 Score 3.1
CVSS v2 Score 3.5
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/201779
- https://www.ibm.com/support/pages/node/6465127
- https://www.ibm.com/support/pages/node/6467055
- https://exchange.xforce.ibmcloud.com/vulnerabilities/201779
- https://www.ibm.com/support/pages/node/6465127
- https://www.ibm.com/support/pages/node/6467055
Products affected by CVE-2021-29751
-
cpe:2.3:a:ibm:business_automation_workflow:18.0.0.0
-
cpe:2.3:a:ibm:business_automation_workflow:19.0.0.0
-
cpe:2.3:a:ibm:business_automation_workflow:20.0.0.0
-
cpe:2.3:a:ibm:business_process_manager:8.5.0.0
-
cpe:2.3:a:ibm:business_process_manager:8.6.0.0