NVD

Vulnerability Change Records for CVE-2019-4204

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:ibm:business_automation_workflow::::::::* versions from (including) 18.0.0.0 up to (including) 19.0.0.1 cpe:2.3:a:ibm:business_process_manager:8.5.7.0::::::: cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf2016.06::::::* cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf2016.09::::::* cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf2016.12::::::* cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf2017.03::::::* cpe:2.3:a:ibm:business_process_manager:8.5.7.0:cf2017.06::::::* cpe:2.3:a:ibm:business_process_manager:8.6.0.0::::::: cpe:2.3:a:ibm:business_process_manager:8.6.0.0:cf201803::::::*
Added	CVSS V2		(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism
Added	CVSS V3		AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Added	CWE		CWE-79
Changed	Reference Type	https://exchange.xforce.ibmcloud.com/vulnerabilities/159125 No Types Assigned	https://exchange.xforce.ibmcloud.com/vulnerabilities/159125 VDB Entry, Vendor Advisory
Changed	Reference Type	https://www.ibm.com/support/docview.wss?uid=ibm10880499 No Types Assigned	https://www.ibm.com/support/docview.wss?uid=ibm10880499 Patch, Vendor Advisory