CVE-2017-1346CVE-2017-1346

Affected configuration(s):

cpe:/a:ibm:business_process_manager:7.5.0.0
cpe:/a:ibm:business_process_manager:7.5.0.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:7.5.0.0::~~express~~~
cpe:/a:ibm:business_process_manager:7.5.0.0::~~standard~~~
cpe:/a:ibm:business_process_manager:7.5.0.1
cpe:/a:ibm:business_process_manager:7.5.0.1::~~advanced~~~
cpe:/a:ibm:business_process_manager:7.5.0.1::~~express~~~
cpe:/a:ibm:business_process_manager:7.5.0.1::~~standard~~~
cpe:/a:ibm:business_process_manager:7.5.1.0
cpe:/a:ibm:business_process_manager:7.5.1.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:7.5.1.0::~~express~~~
cpe:/a:ibm:business_process_manager:7.5.1.0::~~standard~~~
cpe:/a:ibm:business_process_manager:7.5.1.1
cpe:/a:ibm:business_process_manager:7.5.1.1::~~advanced~~~
cpe:/a:ibm:business_process_manager:7.5.1.1::~~express~~~
cpe:/a:ibm:business_process_manager:7.5.1.1::~~standard~~~
cpe:/a:ibm:business_process_manager:7.5.1.2
cpe:/a:ibm:business_process_manager:7.5.1.2::~~advanced~~~
cpe:/a:ibm:business_process_manager:7.5.1.2::~~express~~~
cpe:/a:ibm:business_process_manager:7.5.1.2::~~standard~~~
cpe:/a:ibm:business_process_manager:8.0.0.0
cpe:/a:ibm:business_process_manager:8.0.0.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.0.0.0::~~express~~~
cpe:/a:ibm:business_process_manager:8.0.0.0::~~standard~~~
cpe:/a:ibm:business_process_manager:8.0.1.0
cpe:/a:ibm:business_process_manager:8.0.1.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.0.1.0::~~express~~~
cpe:/a:ibm:business_process_manager:8.0.1.0::~~standard~~~
cpe:/a:ibm:business_process_manager:8.0.1.1
cpe:/a:ibm:business_process_manager:8.0.1.1::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.0.1.1::~~express~~~
cpe:/a:ibm:business_process_manager:8.0.1.1::~~standard~~~
cpe:/a:ibm:business_process_manager:8.0.1.2
cpe:/a:ibm:business_process_manager:8.0.1.2::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.0.1.2::~~express~~~
cpe:/a:ibm:business_process_manager:8.0.1.2::~~standard~~~
cpe:/a:ibm:business_process_manager:8.0.1.3
cpe:/a:ibm:business_process_manager:8.0.1.3::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.0.1.3::~~express~~~
cpe:/a:ibm:business_process_manager:8.0.1.3::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.0.0
cpe:/a:ibm:business_process_manager:8.5.0.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.0.0::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.0.0::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.0.1
cpe:/a:ibm:business_process_manager:8.5.0.1::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.0.1::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.0.1::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.0.2
cpe:/a:ibm:business_process_manager:8.5.0.2::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.0.2::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.0.2::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.5.0
cpe:/a:ibm:business_process_manager:8.5.5.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.5.0::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.5.0::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.6.0
cpe:/a:ibm:business_process_manager:8.5.6.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.6.0::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.6.0::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.6.1
cpe:/a:ibm:business_process_manager:8.5.6.1::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.6.1::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.6.1::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.6.2
cpe:/a:ibm:business_process_manager:8.5.6.2::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.6.2::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.6.2::~~standard~~~
cpe:/a:ibm:business_process_manager:8.5.7.0
cpe:/a:ibm:business_process_manager:8.5.7.0::~~advanced~~~
cpe:/a:ibm:business_process_manager:8.5.7.0::~~express~~~
cpe:/a:ibm:business_process_manager:8.5.7.0::~~standard~~~

Date published: 2017-09-25T12:29:00.257-04:00

Date last modified: 2017-09-28T15:54:02.090-04:00

CVSS Score: 1.9

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://www.ibm.com/support/docview.wss?uid=swg22004654

Summary: IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan. IBM X-Force ID: 126461.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.