Primary

Context

IBM Business Automation Workflow Information Leakage Vulnerability

Vulnerability

Patched

An information leakage vulnerability has been identified in IBM Business Automation Workflow versions 24.0.0 and 24.0.1 prior to 24.0.1 IF001. The issue arises in the Workflow Center, where sensitive information may be exposed due to inadequate authorization validation.

Impact

The vulnerability could lead to unauthorized access to sensitive information.

Remediation

Users are advised to upgrade to version 24.0.1-IF002 for the container version or to apply the fix available through APAR DT424716 for the traditional version.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Business Automation Workflow Information Leakage Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Business Automation Workflow

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating