wid-sec-w-2026-1752 · Published 2026-05-31 · View on BSI CERT-Bund ↗

IBM Business Automation Workflow: Multiple Vulnerabilities

CVSS N/A NONE

Risk Summary

Ein Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, um Informationen offenzulegen, um Dateien zu manipulieren, und um einen Cross-Site Scripting Angriff durchzuführen.

CVEs (10)

CVE-2011-4969 CVE-2012-6708 CVE-2015-9251 CVE-2019-11358 CVE-2020-7656 CVE-2024-29371 CVE-2025-12183 CVE-2025-14923 CVE-2025-66566 CVE-2026-33186

Affected Vendors

IBM

Affected Products (8)

IBM · Business Automation Workflow <25.0.1-IF001

IBM · Business Automation Workflow 25.0.1-IF001

IBM · Business Automation Workflow <25.0.0-IF005

IBM · Business Automation Workflow 25.0.0-IF005

IBM · Business Automation Workflow <24.0.1-IF007

IBM · Business Automation Workflow 24.0.1-IF007

IBM · Business Automation Workflow <24.0.0-IF009

IBM · Business Automation Workflow 24.0.0-IF009

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more