{"api_version":"1","generated_at":"2026-06-26T01:21:57+00:00","cve":"CVE-2026-1248","urls":{"html":"https://cve.report/CVE-2026-1248","api":"https://cve.report/api/cve/CVE-2026-1248.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-1248","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-1248"},"summary":{"title":"IBM Business Automation Workflow information leak","description":"IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.","state":"PUBLISHED","assigner":"ibm","published_at":"2026-05-27 15:16:24","updated_at":"2026-05-28 17:19:25"},"problem_types":["CWE-209","CWE-209 CWE-209 Generation of Error Message Containing Sensitive Information"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"4.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"4.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://www.ibm.com/support/pages/node/7271445","name":"https://www.ibm.com/support/pages/node/7271445","refsource":"psirt@us.ibm.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-1248","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1248","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"IBM","product":"Business Automation Workflow containers and traditional","version":"affected 25.0.1","platforms":[]},{"source":"CNA","vendor":"IBM","product":"Business Automation Workflow containers and traditional","version":"affected 25.0.0 25.0.0 Interim Fix 003 semver","platforms":[]},{"source":"CNA","vendor":"IBM","product":"Business Automation Workflow containers and traditional","version":"affected 24.0.1 24.0.1 Interim Fix 006 semver","platforms":[]},{"source":"CNA","vendor":"IBM","product":"Business Automation Workflow containers and traditional","version":"affected 24.0.0 24.0.0 Interim Fix 008 semver","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"Affected Product(s)Version(s)Remediation / FixIBM Business Automation Workflow containersV25.0.1Apply container  25.0.1-IF001 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25010-interim-fixes IBM Business Automation Workflow traditionalV25.0.1Apply traditional  25.0.1-IF001 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25010-interim-fixes IBM Business Automation Workflow containersV25.0.0 - V25.0.0-IF003Apply container  25.0.0-IF004 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25000-interim-fixes IBM Business Automation Workflow traditionalV25.0.0 - V25.0.0-IF003Apply traditional  25.0.0-IF004 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25000-interim-fixes IBM Business Automation Workflow containersV24.0.1 - V24.0.1-IF006Apply container  24.0.1-IF007 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24010-interim-fixes IBM Business Automation Workflow traditionalV24.0.1 - V24.0.1-IF006Apply traditional  24.0.1-IF007 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24010-interim-fixes IBM Business Automation Workflow containersV24.0.0 - V24.0.0-IF008Apply container  24.0.0-IF009 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24000-interim-fixes IBM Business Automation Workflow traditionalV24.0.0 - V24.0.0-IF008Apply traditional  24.0.0-IF009 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24000-interim-fixes","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if001","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if001","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if002","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if002","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if003","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if003","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if004","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if004","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if005","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if005","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if006","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if006","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if007","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if007","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if008","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.0","cpe7":"if008","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if001","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if001","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if002","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if002","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if003","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if003","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if004","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if004","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if005","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if005","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if006","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"24.0.1","cpe7":"if006","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"if001","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"if001","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"if002","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"if002","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"if003","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.0","cpe7":"if003","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"containers","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"1248","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"business_automation_workflow","cpe6":"25.0.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"traditional","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"1248","cve":"CVE-2026-1248","epss":"0.000290000","percentile":"0.087380000","score_date":"2026-06-02","updated_at":"2026-06-03 00:08:17"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2026-1248","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-05-27T16:17:58.791902Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-209","description":"CWE-209 Generation of Error Message Containing Sensitive Information","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-27T16:18:03.459Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:25.0.0:interim_fix_003:*:*:*:*:*:*","cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.1:interim_fix_006:*:*:*:*:*:*","cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:business_automation_workflow_containers_and_traditional:24.0.0:interim_fix_008:*:*:*:*:*:*"],"product":"Business Automation Workflow containers and traditional","vendor":"IBM","versions":[{"status":"affected","version":"25.0.1"},{"lessThanOrEqual":"25.0.0 Interim Fix 003","status":"affected","version":"25.0.0","versionType":"semver"},{"lessThanOrEqual":"24.0.1 Interim Fix 006","status":"affected","version":"24.0.1","versionType":"semver"},{"lessThanOrEqual":"24.0.0 Interim Fix 008","status":"affected","version":"24.0.0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>IBM Business Automation Workflow containers and traditional&nbsp;<span>may leak information about its database structure in error messages.</span></p>"}],"value":"IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages."}],"providerMetadata":{"dateUpdated":"2026-05-27T14:20:18.979Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7271445"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div><table><thead><tr><th>Affected Product(s)</th><th>Version(s)</th><th>Remediation / Fix</th></tr></thead><tbody><tr><td>IBM Business Automation Workflow containers</td><td>V25.0.1</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25010-interim-fixes\" rel=\"nofollow\">25.0.1-IF001</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V25.0.1</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25010-interim-fixes\" rel=\"nofollow\">25.0.1-IF001</a></td></tr><tr><td>IBM Business Automation Workflow containers</td><td>V25.0.0 - V25.0.0-IF003</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25000-interim-fixes\" rel=\"nofollow\">25.0.0-IF004</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V25.0.0 - V25.0.0-IF003</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25000-interim-fixes\" rel=\"nofollow\">25.0.0-IF004</a></td></tr><tr><td>IBM Business Automation Workflow containers</td><td>V24.0.1 - V24.0.1-IF006</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24010-interim-fixes\" rel=\"nofollow\">24.0.1-IF007</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V24.0.1 - V24.0.1-IF006</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24010-interim-fixes\" rel=\"nofollow\">24.0.1-IF007</a></td></tr><tr><td>IBM Business Automation Workflow containers</td><td>V24.0.0 - V24.0.0-IF008</td><td>Apply container <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24000-interim-fixes\" rel=\"nofollow\">24.0.0-IF009</a></td></tr><tr><td>IBM Business Automation Workflow traditional</td><td>V24.0.0 - V24.0.0-IF008</td><td>Apply traditional <a href=\"https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24000-interim-fixes\" rel=\"nofollow\">24.0.0-IF009</a></td></tr></tbody></table></div>"}],"value":"Affected Product(s)Version(s)Remediation / FixIBM Business Automation Workflow containersV25.0.1Apply container  25.0.1-IF001 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25010-interim-fixes IBM Business Automation Workflow traditionalV25.0.1Apply traditional  25.0.1-IF001 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25010-interim-fixes IBM Business Automation Workflow containersV25.0.0 - V25.0.0-IF003Apply container  25.0.0-IF004 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-25000-interim-fixes IBM Business Automation Workflow traditionalV25.0.0 - V25.0.0-IF003Apply traditional  25.0.0-IF004 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-25000-interim-fixes IBM Business Automation Workflow containersV24.0.1 - V24.0.1-IF006Apply container  24.0.1-IF007 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24010-interim-fixes IBM Business Automation Workflow traditionalV24.0.1 - V24.0.1-IF006Apply traditional  24.0.1-IF007 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24010-interim-fixes IBM Business Automation Workflow containersV24.0.0 - V24.0.0-IF008Apply container  24.0.0-IF009 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-24000-interim-fixes IBM Business Automation Workflow traditionalV24.0.0 - V24.0.0-IF008Apply traditional  24.0.0-IF009 https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-24000-interim-fixes"}],"title":"IBM Business Automation Workflow information leak","x_generator":{"engine":"ibm-cvegen"}}},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2026-1248","datePublished":"2026-05-27T14:20:18.979Z","dateReserved":"2026-01-20T18:56:22.473Z","dateUpdated":"2026-05-27T16:18:03.459Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-27 15:16:24","lastModifiedDate":"2026-05-28 17:19:25","problem_types":["CWE-209","CWE-209 CWE-209 Generation of Error Message Containing Sensitive Information"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:-:*:*:containers:*:*:*","matchCriteriaId":"EF29B7C7-5024-4A85-ADE5-D94E9002181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:-:*:*:traditional:*:*:*","matchCriteriaId":"475B8FBB-09BA-4509-B007-2AA407DCA3B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if001:*:*:containers:*:*:*","matchCriteriaId":"8464D4F4-1F9A-479B-B689-C6E90BC3AF45"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if001:*:*:traditional:*:*:*","matchCriteriaId":"6EDAD1E1-BDB8-4B23-AA83-7678355AB5CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if002:*:*:containers:*:*:*","matchCriteriaId":"0FE0DB1D-5728-4075-BE84-48F06E22FDF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if002:*:*:traditional:*:*:*","matchCriteriaId":"5EF56DFD-48DB-4DA1-9056-A980DC7CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if003:*:*:containers:*:*:*","matchCriteriaId":"A4AB37B4-DF91-4DC7-AFB9-107E5B1B2BF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if003:*:*:traditional:*:*:*","matchCriteriaId":"C1711BF6-5F1A-4238-A4D0-C80602B11C49"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if004:*:*:containers:*:*:*","matchCriteriaId":"79318EB6-001D-4D75-952C-87297C90A0C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if004:*:*:traditional:*:*:*","matchCriteriaId":"11C6C4D0-E200-43E3-A779-ED7BBB057032"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if005:*:*:containers:*:*:*","matchCriteriaId":"38F4B5AC-AC9D-48E7-9EC8-48C086CC62A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if005:*:*:traditional:*:*:*","matchCriteriaId":"33079C3C-3415-4305-A015-37C46BBB46E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if006:*:*:containers:*:*:*","matchCriteriaId":"73BAD8DC-3081-4D07-8E65-7501351DE025"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if006:*:*:traditional:*:*:*","matchCriteriaId":"784B6E6A-2F7F-488F-A190-FC6CAE7920F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if007:*:*:containers:*:*:*","matchCriteriaId":"87CBC521-DDDD-4D6B-B82F-3D7260CB7C67"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if007:*:*:traditional:*:*:*","matchCriteriaId":"DC646C5B-D3F9-4B8E-94F2-44F42A17B0B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if008:*:*:containers:*:*:*","matchCriteriaId":"7675FC59-E23F-4816-B1EF-DB8E1CEA30DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.0:if008:*:*:traditional:*:*:*","matchCriteriaId":"68F2FFA3-761D-4E58-B1E9-CAC651BF620B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:-:*:*:containers:*:*:*","matchCriteriaId":"D5D9EC44-05CE-44FA-AFDE-A4FA326A54F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:-:*:*:traditional:*:*:*","matchCriteriaId":"DCBC0FB0-E803-4CC3-9CDD-9DA0D91EE08F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if001:*:*:containers:*:*:*","matchCriteriaId":"AD2EC4AD-EF47-450F-AA73-8BEE3DADEA1A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if001:*:*:traditional:*:*:*","matchCriteriaId":"E3E71BEB-B904-48F3-8665-466ACC9AC1B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if002:*:*:containers:*:*:*","matchCriteriaId":"0CFCCD13-9342-4D3D-BE9C-ABCA4EA27229"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if002:*:*:traditional:*:*:*","matchCriteriaId":"C345B5B1-B7B2-401D-A554-B7E3F6FF29B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if003:*:*:containers:*:*:*","matchCriteriaId":"8F82A13E-F355-4B56-A9ED-9B8D728D95D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if003:*:*:traditional:*:*:*","matchCriteriaId":"0BAEF1EF-59E7-4502-B890-5F89EEE81DCB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if004:*:*:containers:*:*:*","matchCriteriaId":"5797C332-AE9A-40BF-BAA4-7ECDDEAA907C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if004:*:*:traditional:*:*:*","matchCriteriaId":"AAEC8FDE-1BAE-477C-BF27-F136B877DAAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if005:*:*:containers:*:*:*","matchCriteriaId":"D0F5EB0D-CAF6-45BC-967B-472F1C2833D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if005:*:*:traditional:*:*:*","matchCriteriaId":"E2D1C66F-BAA2-414C-A1F0-651526353081"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if006:*:*:containers:*:*:*","matchCriteriaId":"63C11C87-A5EF-406D-86A5-13B7CB4BBB82"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:if006:*:*:traditional:*:*:*","matchCriteriaId":"5BEFDA15-7D42-48CF-B89C-E72811A796B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:-:*:*:containers:*:*:*","matchCriteriaId":"3058E645-44E1-4FF0-9A97-E04324BB8968"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:-:*:*:traditional:*:*:*","matchCriteriaId":"EA15073D-EA2F-479E-B7DC-F6280806410E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:if001:*:*:containers:*:*:*","matchCriteriaId":"0E06ACEC-AC03-41AA-91C7-BA84457847A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:if001:*:*:traditional:*:*:*","matchCriteriaId":"D3A28BF1-C38A-4600-BFB5-C4EFD40BEA0B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:if002:*:*:containers:*:*:*","matchCriteriaId":"6AD427CB-B553-4ACB-B2A3-1648848D6D09"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:if002:*:*:traditional:*:*:*","matchCriteriaId":"03533F96-66A4-430D-B7A2-C77CE6A65B32"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:if003:*:*:containers:*:*:*","matchCriteriaId":"4528EEFE-9EA6-4103-AC2B-581816A4776C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.0:if003:*:*:traditional:*:*:*","matchCriteriaId":"DFE51BD6-9AF7-43BE-9EE3-1A16420CBC97"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.1:-:*:*:containers:*:*:*","matchCriteriaId":"A979D2C3-E177-45A5-A17E-56A595A26A9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:25.0.1:-:*:*:traditional:*:*:*","matchCriteriaId":"E9C4DCE5-CE75-44EC-8FC7-AB4B18EDDF6A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"1248","Ordinal":"1","Title":"IBM Business Automation Workflow information leak","CVE":"CVE-2026-1248","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"1248","Ordinal":"1","NoteData":"IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.","Type":"Description","Title":"IBM Business Automation Workflow information leak"}]}}}