Vulnerability Monitor

The vendors, products, and vulnerabilities you care about
business_process_manager Vendor: ibm

About This Product

business_process_manager is a software product offered by ibm. This product is widely deployed in production environments, making vulnerability monitoring essential for organizations relying on it. Security vulnerabilities in products of this category can affect system availability, data confidentiality, and integrity across entire networks. The significant number of reported vulnerabilities indicates this product has received substantial security scrutiny and community focus over time. Regular assessment of known vulnerabilities and timely patching are fundamental components of responsible system administration for any deployment of this software.

Vulnerability Landscape Summary

SecUtils has identified 88 known vulnerabilities affecting ibm business_process_manager. This includes 5 high-severity issues requiring prompt remediation. Vulnerabilities in this product have been disclosed spanning from 2013 to 2022, indicating a sustained research interest and ongoing security attention. 70 medium-severity issues and 13 low-severity issues complete the vulnerability landscape. Organizations should prioritize patching based on deployment context, asset criticality, and exploitation likelihood rather than severity alone.

Known Vulnerabilities
ID Date Published Last Modified Severity (CVSSv3) Severity (CVSSv2) Exploit Available
CVE-2013-0581 2013-07-06 2025-04-11 - 3.5 Unknown
CVE-2014-0908 2014-04-10 2025-04-12 - 6.0 Unknown
CVE-2014-0957 2014-07-18 2025-04-12 - 4.3 Likely
CVE-2014-3076 2014-08-11 2025-04-12 - 5.0 Likely
CVE-2014-3087 2014-08-17 2025-04-12 - 4.0 Likely
CVE-2014-3075 2014-09-04 2025-04-12 - 3.5 Unknown
CVE-2014-4758 2014-09-04 2025-04-12 - 4.0 Likely
CVE-2014-4759 2014-09-04 2025-04-12 - 4.0 Likely
CVE-2014-4802 2014-10-07 2025-04-12 - 4.0 Likely
CVE-2014-6101 2014-10-31 2025-04-12 - 4.3 Likely
CVE-2014-6176 2014-12-16 2025-04-12 - 4.3 Likely
CVE-2014-4844 2014-12-17 2025-04-12 - 6.5 Likely
CVE-2014-6182 2014-12-17 2025-04-12 - 4.0 Likely
CVE-2014-6173 2014-12-19 2025-04-12 - 3.5 Unknown
CVE-2014-8913 2015-01-21 2025-04-12 - 3.5 Unknown
CVE-2014-8914 2015-01-21 2025-04-12 - 3.5 Unknown
CVE-2014-6139 2015-02-13 2025-04-12 - 4.0 Likely
CVE-2015-0103 2015-03-24 2025-04-12 - 3.5 Unknown
CVE-2015-0105 2015-03-24 2025-04-12 - 4.3 Likely
CVE-2015-0106 2015-03-24 2025-04-12 - 4.3 Likely
CVE-2015-0158 2015-03-24 2025-04-12 - 4.3 Likely
CVE-2015-0156 2015-05-25 2025-04-12 - 3.5 Unknown
CVE-2015-0193 2015-05-30 2025-04-12 - 3.5 Unknown
CVE-2015-1884 2015-06-28 2025-04-12 - 4.0 Likely
CVE-2015-1961 2015-07-13 2025-04-12 - 9.0 Likely
CVE-2015-1905 2015-07-21 2025-04-12 - 4.0 Likely
CVE-2015-1906 2015-07-21 2025-04-12 - 3.5 Unknown
CVE-2015-1904 2015-08-01 2025-04-12 - 3.5 Unknown
CVE-2015-4955 2015-10-03 2025-04-12 - 3.5 Unknown
CVE-2015-7441 2016-01-01 2025-04-12 6.8 4.9 Unknown
CVE-2015-8524 2016-02-29 2025-04-12 6.1 4.3 Likely
CVE-2016-0227 2016-03-03 2025-04-12 5.4 3.5 Unknown
CVE-2015-7454 2016-03-21 2025-04-12 4.3 4.0 Likely
CVE-2016-0349 2016-06-30 2025-04-12 6.5 4.0 Likely
CVE-2016-5901 2016-10-05 2025-04-12 5.4 3.5 Unknown
CVE-2016-3056 2016-10-14 2025-04-12 5.4 3.5 Unknown
CVE-2016-9731 2017-02-01 2025-04-20 5.4 3.5 Unknown
CVE-2016-9693 2017-03-07 2025-04-20 6.1 6.8 Likely
CVE-2017-1159 2017-05-22 2025-04-20 5.4 4.9 Unknown
CVE-2017-1140 2017-06-08 2025-04-20 5.4 3.5 Unknown
CVE-2015-0101 2017-08-28 2025-04-20 6.1 4.3 Likely
CVE-2015-0110 2017-09-15 2025-04-20 6.5 4.0 Likely
CVE-2017-1346 2017-09-25 2025-04-20 2.5 1.9 Unknown
CVE-2017-1424 2017-09-25 2025-04-20 5.4 3.5 Unknown
CVE-2017-1425 2017-09-26 2025-04-20 5.4 3.5 Unknown
CVE-2017-1527 2017-09-26 2025-04-20 8.1 7.5 Likely
CVE-2017-1530 2017-09-26 2025-04-20 5.4 3.5 Unknown
CVE-2017-1531 2017-09-26 2025-04-20 5.4 3.5 Unknown
CVE-2017-1539 2017-09-26 2025-04-20 8.8 6.5 Likely
CVE-2017-1628 2017-11-27 2025-04-20 6.5 4.0 Likely
CVE-2017-1494 2017-12-20 2025-04-20 5.4 3.5 Unknown
CVE-2017-1769 2018-01-24 2024-11-21 8.8 6.8 Likely
CVE-2015-7463 2018-03-15 2024-11-21 4.3 5.5 Likely
CVE-2017-1756 2018-03-30 2024-11-21 4.0 2.1 Unknown
CVE-2017-1765 2018-03-30 2024-11-21 3.1 4.0 Likely
CVE-2017-1766 2018-03-30 2024-11-21 4.3 4.0 Likely
CVE-2017-1767 2018-03-30 2024-11-21 5.4 3.5 Unknown
CVE-2018-1384 2018-03-30 2024-11-21 5.4 3.5 Unknown
CVE-2018-1674 2018-09-20 2024-11-21 6.3 6.5 Likely
CVE-2018-1848 2018-12-14 2024-11-21 6.1 4.3 Likely
CVE-2018-1885 2019-04-08 2024-11-21 5.3 5.0 Likely
CVE-2018-1997 2019-04-08 2024-11-21 4.3 4.0 Likely
CVE-2018-1999 2019-04-08 2024-11-21 4.3 4.0 Likely
CVE-2018-2000 2019-04-08 2024-11-21 4.3 6.8 Likely
CVE-2019-4045 2019-04-08 2024-11-21 4.3 4.0 Likely
CVE-2019-4204 2019-05-10 2024-11-21 5.4 3.5 Unknown
CVE-2019-4410 2019-07-01 2024-11-21 5.4 3.5 Unknown
CVE-2019-4425 2019-08-20 2024-11-21 5.7 3.5 Unknown
CVE-2019-4424 2019-08-20 2024-11-21 8.2 6.4 Likely
CVE-2019-4149 2019-09-05 2024-11-21 5.4 3.5 Unknown
CVE-2019-4669 2020-02-27 2024-11-21 6.3 6.5 Likely
CVE-2020-4446 2020-05-06 2024-11-21 4.3 4.0 Likely
CVE-2020-4490 2020-05-29 2024-11-21 6.1 5.8 Likely
CVE-2020-4532 2020-06-17 2024-11-21 5.3 5.0 Likely
CVE-2020-4557 2020-06-29 2024-11-21 5.4 3.5 Unknown
CVE-2020-4516 2020-09-08 2024-11-21 5.4 3.5 Unknown
CVE-2020-4698 2020-09-08 2024-11-21 5.4 3.5 Unknown
CVE-2020-4530 2020-09-15 2024-11-21 5.4 3.5 Unknown
CVE-2020-4531 2020-09-25 2024-11-21 5.3 5.0 Likely
CVE-2020-4794 2020-12-21 2024-11-21 5.4 5.5 Likely
CVE-2021-29751 2021-06-28 2024-11-21 4.3 3.5 Unknown
CVE-2021-29834 2021-09-29 2024-11-21 5.4 3.5 Unknown
CVE-2021-29753 2021-11-05 2024-11-21 5.9 4.3 Likely
CVE-2021-38883 2021-12-17 2024-11-21 5.4 3.5 Unknown
CVE-2021-38893 2021-12-21 2024-11-21 5.4 3.5 Unknown
CVE-2021-38900 2021-12-21 2024-11-21 6.5 4.0 Likely
CVE-2021-39046 2022-03-18 2024-11-21 4.9 4.0 Likely
CVE-2022-22361 2022-05-31 2024-11-21 6.5 4.3 Likely

How SecUtils Interprets Product Data

SecUtils normalizes and enriches National Vulnerability Database (NVD) records for ibm business_process_manager by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and structuring the data for rapid analysis and asset correlation. For every vulnerability listed, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference information to enable organizations to prioritize patching and risk assessment efficiently. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for vulnerability management and security operations.