Spoofing of Last Modified By Value in IBM Business Automation Workflow and IBM Business Process Manager

Spoofing of Last Modified By Value in IBM Business Automation Workflow and IBM Business Process Manager

CVE-2019-4045 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

IBM Business Automation Workflow and IBM Business Process Manager 18.0.0.0, 18.0.0.1, and 18.0.0.2 provide embedded document management features. Because of a missing restriction in an API, a client might spoof the last modified by value of a document. IBM X-Force ID: 156241.

Learn more about our Api Penetration Testing.