CVE-2022-35279

MITJÀ: (4.3)

CVSS3: 3.8

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3 i 22.0.1 podria revelar informació sensible de la versió a usuaris autenticats que podria ser utilitzada en altres atacs contra el sistema. ID d’IBM X-Force: 230537.

Sistemes Afectats

• IBM Business Automation Workflow 18.0.0.0
• IBM Business Automation Workflow 18.0.0.1
• IBM Business Automation Workflow 18.0.0.2
• IBM Business Automation Workflow 19.0.0.1
• IBM Business Automation Workflow 19.0.0.2
• IBM Cloud Pak for Automation 19.0.3
• IBM Business Automation Workflow 19.0.0.3
• IBM Cloud Pak for Automation 20.0.1
• IBM Cloud Pak for Automation 20.0.2
• IBM Business Automation Workflow 20.0.0.1
• IBM Business Automation Workflow 20.0.0.2
• IBM Cloud Pak for Automation 20.0.3
• IBM Cloud Pak for Automation 21.0.1
• IBM Cloud Pak for Automation 21.0.2
• IBM Business Automation Workflow 21.0.2
• IBM Cloud Pak for Automation 21.0.3
• IBM Cloud Pak for Automation 18.0.0
• IBM Cloud Pak for Automation 18.0.2
• IBM Cloud Pak for Automation 19.0.1
• IBM Business Automation Workflow 21.0.3
• IBM Cloud Pak for Automation 18.0.1
• IBM Cloud Pak for Automation 19.0.2
• IBM Business Automation Workflow 21.0.1
• IBM Business Automation Workflow 22.0.1
• IBM Cloud Pak for Automation 22.0.1

Remediació
Consulti el butlletí de seguretat 6618013 d’IBM per a obtenir informació sobre actualitzacions o solucions suggerides.

Referències

• https://www.ibm.com/support/pages/node/6618013
• https://www.ibm.com/support/pages/node/6829847
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35279