Ibm

Business Automation Workflow

52 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-13096

  • EPSS 0.07%
  • Veröffentlicht 02.02.2026 23:15:58
  • Zuletzt bearbeitet 12.02.2026 19:01:45

IBM Business Automation Workflow containers V25.0.0 through V25.0.0-IF007, V24.0.1 - V24.0.1-IF007, V24.0.0 - V24.0.0-IF007 and IBM Business Automation Workflow traditional V25.0.0, V24.0.1, V24.0.0 is vulnerable to an XML external entity injection (...

5.5

CVE-2025-36058

  • EPSS 0.01%
  • Veröffentlicht 20.01.2026 15:09:07
  • Zuletzt bearbeitet 17.02.2026 17:29:28

IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation and IBM Business Automation Workflow containers...

5.5

CVE-2025-36059

  • EPSS 0.01%
  • Veröffentlicht 20.01.2026 15:07:46
  • Zuletzt bearbeitet 17.02.2026 17:24:57

IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the con...

6.1

CVE-2025-36054

  • EPSS 0.15%
  • Veröffentlicht 06.11.2025 14:11:49
  • Zuletzt bearbeitet 12.12.2025 15:21:32

IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF006, 24.0.1 through 24.0.1-IF004, 25.0.0 through 25.0.0-IF001 and IBM Business Automation Workflow traditional with Process Federation Server 24.0.0 through 24.0.1 and 25.0.0 are vul...

4.3

CVE-2025-1495

Medienbericht
  • EPSS 0.13%
  • Veröffentlicht 03.05.2025 16:53:00
  • Zuletzt bearbeitet 14.08.2025 01:52:35

IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation.

5.4

CVE-2024-54179

  • EPSS 0.06%
  • Veröffentlicht 03.03.2025 14:15:33
  • Zuletzt bearbeitet 18.08.2025 18:21:11

IBM Business Automation Workflow and IBM Business Automation Workflow Enterprise Service Bus 24.0.0, 24.0.1 and earlier unsupported versions are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary Ja...

4.9

CVE-2024-43188

  • EPSS 0.09%
  • Veröffentlicht 18.09.2024 12:15:02
  • Zuletzt bearbeitet 29.09.2024 00:24:49

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.

6.5

CVE-2024-38321

  • EPSS 0.08%
  • Veröffentlicht 03.08.2024 14:15:48
  • Zuletzt bearbeitet 06.09.2024 14:50:53

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.

5.4

CVE-2023-50947

  • EPSS 0.11%
  • Veröffentlicht 04.02.2024 01:15:25
  • Zuletzt bearbeitet 21.11.2024 08:37:35

IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

5.4

CVE-2023-24957

  • EPSS 0.15%
  • Veröffentlicht 06.05.2023 03:15:09
  • Zuletzt bearbeitet 29.01.2025 16:15:39

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript c...