Local File Storage Vulnerability in IBM Business Process Manager
CVE-2017-1756

4MEDIUM

Key Information:

Vendor

IBM
Status
Business Process Manager
Vendor
CVE Published:
30 March 2018

What is CVE-2017-1756?

The IBM Business Process Manager version 8.6 has a potential security flaw that permits users to store web pages locally. This could allow unauthorized users on the same system to access these files, leading to potential information exposure. Organizations using this product should take precautions to mitigate risks associated with local file accessibility.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Business Process Manager 8.6

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/135856
x_refsource_MISC
http://www.securityfocus.com/bid/103589
vdb-entryx_refsource_BID
http://www.ibm.com/support/docview.wss?uid=swg22010796
x_refsource_CONFIRM

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.