CVE-2015-1905 Information

Description

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2 8.0.x through 8.0.1.3 8.5.0 through 8.5.0.1 8.5.5 through 8.5.5.0 and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions on task-variable value changes via unspecified vectors.

Reference

http://www.securityfocus.com/bid/75977 http://www.securitytracker.com/id/1033002 http://www-01.ibm.com/support/docview.wss?uid=swg1JR52772 http://www-01.ibm.com/support/docview.wss?uid=swg21700717