CVE Vulnerabilities

CVE-2015-1905

Published: Jul 21, 2015 | Modified: Apr 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions on task-variable value changes via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Business_process_manager Ibm 7.5.0.0 (including) 7.5.0.0 (including)
Business_process_manager Ibm 7.5.0.1 (including) 7.5.0.1 (including)
Business_process_manager Ibm 7.5.1.0 (including) 7.5.1.0 (including)
Business_process_manager Ibm 7.5.1.1 (including) 7.5.1.1 (including)
Business_process_manager Ibm 7.5.1.2 (including) 7.5.1.2 (including)
Business_process_manager Ibm 8.0.0.0 (including) 8.0.0.0 (including)
Business_process_manager Ibm 8.0.1.0 (including) 8.0.1.0 (including)
Business_process_manager Ibm 8.0.1.1 (including) 8.0.1.1 (including)
Business_process_manager Ibm 8.0.1.2 (including) 8.0.1.2 (including)
Business_process_manager Ibm 8.0.1.3 (including) 8.0.1.3 (including)
Business_process_manager Ibm 8.5.0.0 (including) 8.5.0.0 (including)
Business_process_manager Ibm 8.5.0.1 (including) 8.5.0.1 (including)
Business_process_manager Ibm 8.5.6.0 (including) 8.5.6.0 (including)

References