CVE-2020-4794
Summary
| CVE | CVE-2020-4794 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-12-21 18:15:00 UTC |
| Updated | 2020-12-22 16:28:00 UTC |
| Description | IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. IBM X-Force ID: 189445. |
Risk And Classification
Problem Types: CWE-863
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Automation Workstream Services | 19.0.3 | All | All | All |
| Application | Ibm | Automation Workstream Services | 20.0.1 | All | All | All |
| Application | Ibm | Automation Workstream Services | 20.0.2 | All | All | All |
| Application | Ibm | Automation Workstream Services | 19.0.3 | All | All | All |
| Application | Ibm | Automation Workstream Services | 20.0.1 | All | All | All |
| Application | Ibm | Automation Workstream Services | 20.0.2 | All | All | All |
| Application | Ibm | Business Automation Workflow | 18.0.0.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 18.0.0.1 | All | All | All |
| Application | Ibm | Business Automation Workflow | 18.0.0.2 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.1 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.2 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.3 | All | All | All |
| Application | Ibm | Business Automation Workflow | 20.0.0.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 20.0.0.1 | All | All | All |
| Application | Ibm | Business Automation Workflow | 20.0.2.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 18.0.0.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 18.0.0.1 | All | All | All |
| Application | Ibm | Business Automation Workflow | 18.0.0.2 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.1 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.2 | All | All | All |
| Application | Ibm | Business Automation Workflow | 19.0.0.3 | All | All | All |
| Application | Ibm | Business Automation Workflow | 20.0.0.0 | All | All | All |
| Application | Ibm | Business Automation Workflow | 20.0.0.1 | All | All | All |
| Application | Ibm | Business Automation Workflow | 20.0.2.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.3 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.3 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.5.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.5.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.0 | - | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.0 | - | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201606 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201606 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201609 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201609 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201612 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201612 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201703 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201703 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201706 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201706 | All | All |
| Application | Ibm | Business Process Manager | 8.6 | All | All | All |
| Application | Ibm | Business Process Manager | 8.6 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.3 | All | All | All |
| Application | Ibm | Business Process Manager | 8.0.1.3 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.0.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.5.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.5.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.0 | - | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.0 | - | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.1 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.6.2 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | All | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201606 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201606 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201609 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201609 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201612 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201612 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201703 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201703 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201706 | All | All |
| Application | Ibm | Business Process Manager | 8.5.7.0 | cf201706 | All | All |
| Application | Ibm | Business Process Manager | 8.6 | All | All | All |
| Application | Ibm | Business Process Manager | 8.6 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | VDB Entry, Vendor Advisory |
| Security Bulletin: Information disclosure and Denial of Service vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4794 | CONFIRM | www.ibm.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.