CNNVD-202601-1620 Information

CNNVD ID

CNNVD-202601-1620

Related CVE

CVE-2025-67281

• CNNVD Published: 2026-01-09

Description (Chinese)

TIM BPM Suite和TIM FLOW都是德国TIM公司的一款业务流程管理软件。 TIM BPM Suite,TIM FLOW 9.1.2及之前版本存在安全漏洞，该漏洞源于SQL注入，可能导致未经授权访问数据库。

Description (English)

TIM BPM Suite and TIM FLOW are both a business process management software package of the German company TIM. TIM BPM Suite, TIM FLOW 9.1.2 and previous versions have a security loophole, which originated in the SQL injection and could lead to unauthorized access to the database.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TIM

Published

2026-01-09

Last Modified

2026-02-24

References

https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes https://www.y-security.de/news-en/tim-bpm-suite-tim-flow-multiple-vulnerabilities/ https://access.redhat.com/security/cve/cve-2025-67281

Patch

https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes