IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be considered executable and cause damage on the victim's machine. IBM Reference #: 1998655.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2017-03-07T17:00:00

Updated: 2024-08-06T02:59:03.295Z

Reserved: 2016-12-01T00:00:00

Link: CVE-2016-9693

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-03-07T17:59:00.210

Modified: 2017-05-02T01:59:00.797

Link: CVE-2016-9693

cve-icon Redhat

No data.