CNNVD-202601-1623 Information
Jan 09, 2026
cve
CNNVD ID
CNNVD-202601-1623
Related CVE
- CNNVD Published: 2026-01-09
Description (Chinese)
TIM BPM Suite和TIM FLOW都是德国TIM公司的一款业务流程管理软件。 TIM BPM Suite和TIM FLOW 9.1.2及之前版本存在安全漏洞,该漏洞源于Hibernate查询语言注入,可能导致信息泄露。
Description (English)
TIM BPM Suite and TIM FLOW are both a business process management software package of the German company TIM. TIM BPM Suite and TIM FLOW 9.1.2 and previous versions had a security loophole, which originated in Hibernate query language and could lead to information leaks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
TIM
Published
2026-01-09
Last Modified
2026-02-24
References
https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes https://www.y-security.de/news-en/tim-bpm-suite-tim-flow-multiple-vulnerabilities/ https://access.redhat.com/security/cve/cve-2025-67280
Patch
https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes
Share on: