PT-2026-5697 · Ibm · Ibm Business Automation Workflow
Published
2026-02-02
·
Updated
2026-05-28
·
CVE-2025-13096
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
IBM Business Automation Workflow containers versions 24.0.0 through 25.0.0-IF007
IBM Business Automation Workflow traditional versions 24.0.0 through 25.0.0
Description
The software is susceptible to an XML External Entity (XXE) attack when handling XML data. A remote attacker may be able to exploit this issue to reveal sensitive information or exhaust memory resources.
Recommendations
IBM Business Automation Workflow containers versions 24.0.0 through 25.0.0-IF007 should be updated.
IBM Business Automation Workflow traditional versions 24.0.0 through 25.0.0 should be updated.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Business Automation Workflow