Skip to main content

Process Automation Manager

3 CVEs product

Monthly

CVE-2023-4853 Maven HIGH POC PATCH This Week

A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Quarkus Build Of Optaplanner Build Of Quarkus Decision Manager +8
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2022-2458 HIGH This Week

XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Process Automation Manager
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2022-2457 CRITICAL Act Now

A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Process Automation Manager
NVD
CVSS 3.1
9.8
EPSS
0.5%
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Quarkus Build Of Optaplanner +10
NVD
EPSS 1% CVSS 8.2
HIGH This Week

XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Process Automation Manager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Process Automation Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy