The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.
IBM
Authentication Bypass
Business Process Manager
NVD
CVSS 2.0
9.0
EPSS
0.2%