PT-2026-3585 · Ibm · Ibm Business Automation Workflow+1
Published
2026-01-20
·
Updated
2026-02-17
·
CVE-2025-36058
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Business Automation Workflow containers versions 24.0.0 through 24.0.0 Interim Fix 006
IBM Business Automation Workflow containers versions 24.0.1 through 24.0.1 Interim Fix 005
IBM Business Automation Workflow containers versions 25.0.0 through 25.0.0 Interim Fix 002
Description
IBM Business Automation Workflow containers and IBM Cloud Pak for Business Automation may disclose sensitive configuration information within a config map.
Recommendations
Update IBM Business Automation Workflow containers to a version after 24.0.0 Interim Fix 006.
Update IBM Business Automation Workflow containers to a version after 24.0.1 Interim Fix 005.
Update IBM Business Automation Workflow containers to a version after 25.0.0 Interim Fix 002.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Business Automation Workflow
Ibm Cloud Pak For Business Automation