CVE-2017-1539

Publication date

2017-09-26 17:00:00

Family

ibm

State

PUBLISHED

Description

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 130807.