Back to search
CVE-2014-4759
Published: Sep 4, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x through 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in the search results.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ibm-websphere-cve20144759-info-disc(94486)
vdb-entry
x_refsource_XF
JR50871
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21680809
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now