Vulnonym.com

CVE-2015-1905 - Coppery Labradoodle

Description

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2 8.0.x through 8.0.1.3 8.5.0 through 8.5.0.1 8.5.5 through 8.5.5.0 and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions on task-variable value changes via unspecified vectors.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21700717 http://www-01.ibm.com/support/docview.wss?uid=swg1JR52772 http://www.securityfocus.com/bid/75977 http://www.securitytracker.com/id/1033002