Vulnerabilities > Redhat > Process Automation Manager > 7.5.1

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2022-2457 Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Process Automation Manager 7.0/7.5.1
A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of unsuccessful login attempts.
network
low complexity
redhat CWE-307
critical
 9.8
9.8
2022-08-10 CVE-2022-2458 XXE vulnerability in Redhat Process Automation Manager 7.0/7.5.1
XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data.
network
low complexity
redhat CWE-611
8.2
8.2
2020-03-05 CVE-2019-14886 Unspecified vulnerability in Redhat Decision Manager and Process Automation Manager
A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context.
network
low complexity
redhat
6.5
6.5