Vulnerabilities > IBM > Cloud PAK FOR Business Automation > 18.0.0

DATE CVE VULNERABILITY TITLE RISK
2024-03-31 CVE-2023-50959 Unspecified vulnerability in IBM Cloud PAK for Business Automation
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account.
network
low complexity
ibm
6.5
6.5
2024-02-04 CVE-2023-50947 Cross-site Scripting vulnerability in IBM products
IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-12-18 CVE-2023-40691 Unspecified vulnerability in IBM Cloud PAK for Business Automation
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 may reveal sensitive information contained in application configuration to developer and administrator users.
network
low complexity
ibm
4.9
4.9
2023-10-14 CVE-2023-35024 Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
7.6
7.6
2023-06-27 CVE-2023-32339 Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation
IBM Business Automation Workflow is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2023-02-27 CVE-2023-22860 Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-02-01 CVE-2023-23469 Unspecified vulnerability in IBM Cloud PAK for Business Automation
IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
3.3