PT-2026-53970 · Ibm · Business Automation Manager Open Editions
Published
2026-06-30
·
Updated
2026-06-30
·
CVE-2026-13449
CVSS v3.1
7.6
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Business Automation Manager Open Editions