PT-2022-22681 · Ibm · Ibm Business Automation Workflow
Published
2022-11-03
·
Updated
2022-11-10
·
CVE-2022-35279
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Business Automation Workflow versions 18.0.0.0 through 22.0.1
Description
The issue could disclose sensitive version information to authenticated users, which could be used in further attacks against the system.
Recommendations
For versions 18.0.0.0 through 22.0.1, update to a version that does not disclose sensitive version information to mitigate the risk of further attacks.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Business Automation Workflow