IBM Security Bulletin: Incorrect authorization for update of process instance variables in IBM Business Process Manager (CVE-2016-0349)

Because authorization is incorrectly enforced for updates of process instance variables, users without the required permission can update process instance variables in IBM Business Process Manager.

CVE(s): CVE-2016-0349

Affected product(s) and affected version(s):

  • IBM Business Process Manager V8.5.7
  • IBM Business Process Manager V8.5.6 through V8.5.6.0 cumulative fix 2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/28RLo30
X-Force Database: http://ift.tt/28SnQaH



from IBM Product Security Incident Response Team http://ift.tt/28RLurl