CVE-2026-1248 - Vulnerability Details - OpenCVE

IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Business Automation Workflow Containers And Traditional

No data.

No data.

No data.

References

Link	Providers
https://www.ibm.com/support/pages/node/7271445

History

Wed, 27 May 2026 15:15:00 +0000

Type	Values Removed	Values Added
Description		IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.
Title		IBM Business Automation Workflow information leak
First Time appeared		Ibm Ibm business Automation Workflow Containers And Traditional
CPEs		cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.0:::::::* cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.0:interim_fix_008:::::: cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.1:::::::* cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.1:interim_fix_006:::::: cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.0:::::::* cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.0:interim_fix_003:::::: cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.1:::::::*
Vendors & Products		Ibm Ibm business Automation Workflow Containers And Traditional
References		https://www.ibm.com/support/pages/node/7271445

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-05-27T14:20:18.979Z

Updated: 2026-05-27T16:18:03.459Z

Reserved: 2026-01-20T18:56:22.473Z

Link: CVE-2026-1248

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-27T15:16:24.920

Modified: 2026-05-27T15:16:24.920

Link: CVE-2026-1248

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1248", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-01-20T18:56:22.473Z", "datePublished": "2026-05-27T14:20:18.979Z", "dateUpdated": "2026-05-27T16:18:03.459Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-05-27T14:20:18.979Z"}, "title": "IBM Business Automation Workflow information leak", "affected": [{"vendor": "IBM", "product": "Business Automation Workflow containers and traditional", "versions": [{"status": "affected", "version": "25.0.1"}, {"status": "affected", "version": "25.0.0", "lessThanOrEqual": "25.0.0 Interim Fix 003", "versionType": "semver"}, {"status": "affected", "version": "24.0.1", "lessThanOrEqual": "24.0.1 Interim Fix 006", "versionType": "semver"}, {"status": "affected", "version": "24.0.0", "lessThanOrEqual": "24.0.0 Interim Fix 008", "versionType": "semver"}], "cpes": ["cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.0:interim_fix_003:*:*:*:*:*:*", "cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.1:interim_fix_006:*:*:*:*:*:*", "cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.0:interim_fix_008:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Business Automation Workflow containers and traditional\u00a0may leak information about its database structure in error messages.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Business Automation Workflow containers and traditional <span>may leak information about its database structure in error messages.</span></p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7271445", "tags": ["vendor-advisory", "patch"]}], "solutions": [{"lang": "en", "value": "Affected Product(s)Version(s)Remediation / FixIBM Business Automation Workflow containersV25.0.1Apply container 25.0.1-IF001 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25010-interim-fixes IBM Business Automation Workflow traditionalV25.0.1Apply traditional 25.0.1-IF001 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25010-interim-fixes IBM Business Automation Workflow containersV25.0.0 - V25.0.0-IF003Apply container 25.0.0-IF004 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25000-interim-fixes IBM Business Automation Workflow traditionalV25.0.0 - V25.0.0-IF003Apply traditional 25.0.0-IF004 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25000-interim-fixes IBM Business Automation Workflow containersV24.0.1 - V24.0.1-IF006Apply container 24.0.1-IF007 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24010-interim-fixes IBM Business Automation Workflow traditionalV24.0.1 - V24.0.1-IF006Apply traditional 24.0.1-IF007 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24010-interim-fixes IBM Business Automation Workflow containersV24.0.0 - V24.0.0-IF008Apply container 24.0.0-IF009 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24000-interim-fixes IBM Business Automation Workflow traditionalV24.0.0 - V24.0.0-IF008Apply traditional 24.0.0-IF009 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24000-interim-fixes", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><table><thead><tr><th>Affected Product(s)</th><th>Version(s)</th><th>Remediation / Fix</th></tr></thead><tbody><tr><td>IBM Business Automation Workflow containers</td><td>V25.0.1</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25010-interim-fixes\" rel=\"nofollow\">25.0.1-IF001</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V25.0.1</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25010-interim-fixes\" rel=\"nofollow\">25.0.1-IF001</a></td></tr><tr><td>IBM Business Automation Workflow containers</td><td>V25.0.0 - V25.0.0-IF003</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25000-interim-fixes\" rel=\"nofollow\">25.0.0-IF004</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V25.0.0 - V25.0.0-IF003</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25000-interim-fixes\" rel=\"nofollow\">25.0.0-IF004</a></td></tr><tr><td>IBM Business Automation Workflow containers</td><td>V24.0.1 - V24.0.1-IF006</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24010-interim-fixes\" rel=\"nofollow\">24.0.1-IF007</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V24.0.1 - V24.0.1-IF006</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24010-interim-fixes\" rel=\"nofollow\">24.0.1-IF007</a></td></tr><tr><td>IBM Business Automation Workflow containers</td><td>V24.0.0 - V24.0.0-IF008</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24000-interim-fixes\" rel=\"nofollow\">24.0.0-IF009</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V24.0.0 - V24.0.0-IF008</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24000-interim-fixes\" rel=\"nofollow\">24.0.0-IF009</a></td></tr></tbody></table></div>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-209", "lang": "en", "description": "CWE-209 Generation of Error Message Containing Sensitive Information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-05-27T16:17:58.791902Z", "id": "CVE-2026-1248", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-27T16:18:03.459Z"}}]}}