IBM Cloud Pak for Business Automation denial of service
IBM Cloud Pak for Business Automation
24.0.0 and 24.0.1 through 24.0.1 IF001
Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service.
Description: CWE-602 Client-Side Enforcement of Server-Side Security
Metrics
Version
Base score
Base severity
Vector
3.1
6.5
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version:3.1
Base score:6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
IBM Cloud Pak for Business Automation V24.0.1 - V24.0.1-IF001 Apply security fix 24.0.1-IF002
IBM Cloud Pak for Business Automation V24.0.0 - V24.0.1-IF004 Upgrade and apply security fix 24.0.0-IF005