Severity
Medium
Analysis Summary
CVE-2022-22361
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 – V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-22361
Affected Vendors
IBM
Affected Products
IBM Business Process Manager 8.6.0.0
IBM Business Automation Workflow 18.0.0.0
IBM Business Automation Workflow 18.0.0.1
IBM Business Automation Workflow 19.0.0.1
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.