CVE-2014-4759
published 2014-09-04CVE-2014-4759: An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x through 8.5.5 allows remote authenticated users to…
medium4CVSS 3.1
AVNACLAuSCPINAN
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x through 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in the search results.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | business_process_manager | — | — |
| ibm | business_process_manager | — | — |
| ibm | business_process_manager | — | — |