← Volver a CVEs
CVE-2025-36059
MEDIUM4.7
Descripcion
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the container to execute OS system calls.
Detalles CVE
Puntuacion CVSS v3.14.7
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Vector de ataqueLOCAL
ComplejidadHIGH
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado1/20/2026
Ultima modificacion2/17/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
ibm:business_automation_workflow
Debilidades (CWE)
CWE-250
Referencias
https://www.ibm.com/support/pages/node/7256777(psirt@us.ibm.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.