Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Business_process_manager | Ibm | 7.5.0.0 (including) | 7.5.0.0 (including) |
| Business_process_manager | Ibm | 7.5.0.1 (including) | 7.5.0.1 (including) |
| Business_process_manager | Ibm | 7.5.1.0 (including) | 7.5.1.0 (including) |
| Business_process_manager | Ibm | 7.5.1.1 (including) | 7.5.1.1 (including) |
| Business_process_manager | Ibm | 7.5.1.2 (including) | 7.5.1.2 (including) |
| Business_process_manager | Ibm | 8.0.0.0 (including) | 8.0.0.0 (including) |
| Business_process_manager | Ibm | 8.0.1.0 (including) | 8.0.1.0 (including) |
| Business_process_manager | Ibm | 8.0.1.1 (including) | 8.0.1.1 (including) |
| Business_process_manager | Ibm | 8.0.1.2 (including) | 8.0.1.2 (including) |
| Business_process_manager | Ibm | 8.0.1.3 (including) | 8.0.1.3 (including) |
| Business_process_manager | Ibm | 8.5.0.0 (including) | 8.5.0.0 (including) |
| Business_process_manager | Ibm | 8.5.0.1 (including) | 8.5.0.1 (including) |
| Business_process_manager | Ibm | 8.5.5.0 (including) | 8.5.5.0 (including) |
| Business_process_manager | Ibm | 8.5.6.0 (including) | 8.5.6.0 (including) |
| Business_process_manager | Ibm | 8.5.6.1 (including) | 8.5.6.1 (including) |
| Business_process_manager | Ibm | 8.5.6.2 (including) | 8.5.6.2 (including) |
| Websphere_process_server | Ibm | 7.0 (including) | 7.0 (including) |