CNNVD-202601-3218 Information

Jan 20, 2026 cve

CNNVD ID

CNNVD-202601-3218

CVE-2025-36058

  • CNNVD Published: 2026-01-20

Description (Chinese)

IBM Business Automation Workflow是美国国际商业机器(IBM)公司的一套工作流程自动化解决方案。该产品主要用于工作流程管理、合规性管理,并具有工作流程可见性和可扩展等特点。 IBM Business Automation Workflow存在安全漏洞,该漏洞源于配置映射中可能泄露敏感配置信息。以下版本受到影响:25.0.0版本至25.0.0 Interim Fix 002版本、24.0.1版本至24.0.1 Interim Fix 005版本和24.0.0版本至24.0.0 Interim Fix 006版本。

Description (English)

IBM Business Automation Workflow is an automated workflow solution for IBM. The product is primarily used for workflow management, compliance management and has features such as workflow visibility and scalability. There is a security loophole in IBM Business Action WorkFlow, which stems from the possible leaking of sensitive configuration information in the configuration map. The following versions were affected: 25.0.0 to 25.0.0 Interim Fix 002, 24.0.1 to 24.0.1 Interim Fix 005 and 24.0.0 to 24.0.0 Interim Fix 006.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2026-01-20

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7256777

Patch

https://www.ibm.com/products/business-automation-workflow

Share on: