CVE-2019-4425

Name of the Vulnerable Software and Affected Versions IBM Business Automation Workflow versions 18.0.0.0 through 18.0.0.2

Description The issue allows a user to obtain highly sensitive information from another user by inserting links that would be clicked on by unsuspecting users.

Recommendations For versions 18.0.0.0 through 18.0.0.2, consider restricting the ability to insert links to prevent exploitation until a fix is available. As a temporary workaround, avoid clicking on links from untrusted sources within the IBM Business Automation Workflow platform. Restrict access to sensitive information to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.