Log File Vulnerability Could Leak Sensitive Information
CVE-2024-38321

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Business Automation Workflow
Vendor: CVE Published:; 3 August 2024

Summary

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.

References

https://www.ibm.com/support/pages/node/7162334

https://exchange.xforce.ibmcloud.com/vulnerabilities/294868

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 3, 2024