IBM Business Automation Workflow Database Structure Information Disclosure Vulnerability

Vulnerability

An information disclosure vulnerability has been identified in IBM Business Automation Workflow, in both containerized and traditional deployments. Error messages returned by the application may leak details about its database structure. It affects versions 24.0.0, 24.0.1, 25.0.0, and 25.0.1.

Impact

Exposing database structure information can aid attackers in crafting more effective exploitation strategies or in understanding the application's data management, potentially leading to further vulnerabilities or data manipulation.

Remediation

Users are advised to upgrade to IBM Business Automation Workflow version 25.0.1 or version 24.0.1. If using version 25.0.0, upgrade to 25.0.0-IF004. For version 24.0.0, upgrade to 24.0.0-IF009.

Added: May 28, 2026, 5:00 AM
Updated: May 28, 2026, 5:00 AM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 0.6
exploitability: 5.2
remediation: 7.7
relevance: 9.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.