IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, and 22.0.1 could disclose sensitive version information to authenticated users which could be used in further attacks against the system. IBM X-Force ID: 230537.
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Business_automation_workflow | Ibm | 18.0.0.0 (including) | 18.0.0.2 (including) |
| Business_automation_workflow | Ibm | 19.0.0.0 (including) | 19.0.0.3 (including) |
| Business_automation_workflow | Ibm | 20.0.0.1 (including) | 20.0.0.1 (including) |
| Business_automation_workflow | Ibm | 20.0.0.2 (including) | 20.0.0.2 (including) |
| Business_automation_workflow | Ibm | 21.0.1 (including) | 21.0.1 (including) |
| Business_automation_workflow | Ibm | 21.0.2 (including) | 21.0.2 (including) |
| Business_automation_workflow | Ibm | 21.0.3 (including) | 21.0.3 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if002 (including) | 21.0.3-if002 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if005 (including) | 21.0.3-if005 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if006 (including) | 21.0.3-if006 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if007 (including) | 21.0.3-if007 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if008 (including) | 21.0.3-if008 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if009 (including) | 21.0.3-if009 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if010 (including) | 21.0.3-if010 (including) |
| Business_automation_workflow | Ibm | 21.0.3-if011 (including) | 21.0.3-if011 (including) |
| Business_automation_workflow | Ibm | 22.0.1 (including) | 22.0.1 (including) |
| Business_automation_workflow | Ibm | 22.0.1-if001 (including) | 22.0.1-if001 (including) |