Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.6 views

CVE-2025-36436

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web...

6.4CVSS7AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 10:6 p.m.14 views

CVE-2025-36094

CVE-2025-36094 affects IBM Cloud Pak for Business Automation. The issue is caused by improper validation of input length, allowing an authenticated user to cause a denial of service or corrupt existing data. Affected versions include 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 In...

8.1CVSS5.4AI score0.00215EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 10:6 p.m.4 views

CVE-2025-36094 Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026.

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length...

5.4CVSS5.4AI score0.00215EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/02 9:51 p.m.3 views

CVE-2025-36436

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web...

6.4CVSS5AI score0.0021EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/20 4:16 p.m.4 views

CVE-2025-36058

IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation and IBM Business Automation Workflow containers may disclose sensitve configuration informatio...

5.5CVSS7.3AI score0.0011EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/04 12:32 a.m.4 views

EUVD-2025-37552

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 001, 24.0.1 through 24.0.1 Interim Fix 004, 24.0.0 through 24.0.0 Interim Fix 006, and earlier unsupported releases IBM Business Automation Workflow is vulnerable to stored cross-site scripting. This vulnerability allows an...

6.4CVSS5.8AI score0.00144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.6 views

PT-2025-44780

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak For Business Automation versions 25.0.0, 24.0.1, and 24.0.0 Description IBM Cloud Pak For Business Automation may allow an attacker to access unauthorized content or perform unauthorized actions through man-in-the-middle techniqu...

7.4CVSS6.2AI score0.00213EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.3 views

IBM Cloud Pak for Business Automation 安全漏洞

IBM Cloud Pak for Business Automation is a suite of modular, integrated software components for any type of hybrid cloud environment, designed to accelerate business growth and improve operational efficiency by automating technologies that enable digital transformation of business processes. A...

6.5CVSS7.1AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2025/08/08 3:15 p.m.3 views

CVE-2025-36023

IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002 could allow an authenticated user to view sensitive user and system information due to an indirect object reference through a user-controlled key...

6.5CVSS7.3AI score0.00238EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/08 12:0 a.m.7 views

PT-2025-32362 · Ibm · Ibm Cloud Pak For Business Automation

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Business Automation versions 24.0.0 through 24.0.0 IF005 IBM Cloud Pak for Business Automation versions 24.0.1 through 24.0.1 IF002 Description: The software contains a flaw that may allow an authenticated user to view...

6.5CVSS9.3AI score0.00238EPSS
Exploits0References6
OSV
OSV
added 2025/05/03 4:15 p.m.5 views

CVE-2024-41753

IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF004 and 24.0.1 through 24.0.1 IF001 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...

6.1CVSS5.4AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2024/07/08 3:15 a.m.3 views

CVE-2024-31897

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the...

4.3CVSS7.3AI score
Exploits0References2
OSV
OSV
added 2024/03/21 2:47 a.m.5 views

CVE-2023-35899

IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file...

9.8CVSS6.1AI score0.00644EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.3 views

IBM Cloud Pak for Automation 安全漏洞

IBM Cloud Pak for Automation is an intelligent software platform for building automation applications in cloud environments from International Business Machines IBM. The platform uses pre-integrated automation technologies and low-code tools to design, build and run automation applications and...

9.8CVSS7.6AI score0.00644EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/05 6:55 p.m.9 views

CVE-2023-35899 IBM Cloud Pak for Automation CSV injection

IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file...

7CVSS7.4AI score0.00644EPSS
Exploits0References2
OSV
OSV
added 2022/11/03 8:15 p.m.5 views

CVE-2022-42442

IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214...

3.3CVSS5.8AI score0.00179EPSS
Exploits0References2
OSV
OSV
added 2022/01/18 5:15 p.m.3 views

CVE-2021-29872

IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP...

5.4CVSS6AI score0.00771EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/01/18 4:50 p.m.10 views

CVE-2021-29872

IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP...

5.4CVSS5.5AI score0.00771EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.4 views

IBM Cloud Pak for Automation 安全漏洞

IBM Cloud Pak for Automation is an intelligent software platform for building automation applications in cloud environments from IBM USA. The platform uses pre-integrated automation technologies and low-code tools to design, build and run automation applications and services on any cloud. A...

5.4CVSS5.5AI score0.00771EPSS
Exploits0References3
OSV
OSV
added 2021/12/21 7:15 p.m.3 views

CVE-2021-38966

IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212357...

5.4CVSS6.9AI score0.0048EPSS
Exploits0References2
Rows per page
Query Builder