Description
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- Attack Vector
- network
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- unchanged
- Confidentiality
- none
- Integrity
- low
- Availability
- low
- Weaknesses
- CWE-1284
Metadata
- Primary Vendor
- IBM
- Published
- 2/3/2026
- Last Modified
- 2/4/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
IBM : Undergoing Analysis
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.