CVE-2025-1495

Summary

IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation.

Affected Software

VendorProductVersion RangeStatus
IBMIBM Business Automation Workflow24.0.1 <= 24.0.1 IF001affected
IBMIBM Business Automation Workflow24.0.0affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References