CVE-2018-2000

Name of the Vulnerable Software and Affected Versions IBM Business Automation Workflow versions 18.0.0.0 through 18.0.0.1

Description The issue allows an attacker to execute malicious and unauthorized actions by exploiting cross-site request forgery. This could be done by transmitting actions from a user that the website trusts.

Recommendations For versions 18.0.0.0 and 18.0.0.1, consider implementing anti-cross-site request forgery measures, such as token-based validation, to prevent unauthorized actions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.