Improper Authorization Checks in IBM Business Process Manager 8.6.0.0 REST API for Event Manager Control

Improper Authorization Checks in IBM Business Process Manager 8.6.0.0 REST API for Event Manager Control

CVE-2017-1628 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorization checks.

Learn more about our Api Penetration Testing.