PT-2026-3586 · Ibm · Ibm Business Automation Workflow
Published
2026-01-20
·
Updated
2026-02-17
·
CVE-2025-36059
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Business Automation Workflow containers versions 24.0.0 through 24.0.0 Interim Fix 006
IBM Business Automation Workflow containers versions 24.0.1 through 24.0.1 Interim Fix 005
IBM Business Automation Workflow containers versions 25.0.0 through 25.0.0 Interim Fix 002
Description
A local user with access to the container may be able to execute OS system calls.
Recommendations
Update IBM Business Automation Workflow containers to a version after 24.0.0 Interim Fix 006.
Update IBM Business Automation Workflow containers to a version after 24.0.1 Interim Fix 005.
Update IBM Business Automation Workflow containers to a version after 25.0.0 Interim Fix 002.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Business Automation Workflow