CVE-2021-29751

medium

Description

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779.

References

https://www.ibm.com/support/pages/node/6467055

https://www.ibm.com/support/pages/node/6465127

https://exchange.xforce.ibmcloud.com/vulnerabilities/201779

Details

Source: Mitre, NVD

Published: 2021-06-28

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.3

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00225