Two security vulnerabilities in IBM Business Automation Workflow closed
Security updates repair IBM Business Automation Workflow.
An update bar fills up.
(Image: AFANASEV IVAN/Shutterstock.com)
Two security vulnerabilities jeopardize IBM Business Automation Workflow. Updated versions protect systems from possible attacks.
The application is used to automate digital workflows. The vulnerabilities affect IBM Business Automation Workflow containers, IBM Business Automation Workflow traditional and IBM Business Automation Workflow Enterprise Service Bus. If attackers successfully exploit a vulnerability (CVE-2024-7254 “high”), they can provoke memory errors.
Security patches available
This usually leads to crashes. However, malicious code also often reaches computers in this context and compromises systems. The developers list the affected and secured versions in a warning message.
Videos by heise
The second vulnerability(CVE-2024-40094 “medium”) can lead to DoS states. There is currently no indication from IBM that attacks are already underway. Admins should nevertheless install the security updates quickly.
The developers only recently repaired IBM Storage Virtualize.
(des)
