IBM BAW Containers Leak DB Structure in Error Messages: CVE-2026-1248 May 2026

IBM BAW Containers Leak DB Structure in Error Messages
CVE-2026-1248 Published on May 27, 2026

IBM Business Automation Workflow information leak
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.

Vulnerability Analysis

CVE-2026-1248 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

Generation of Error Message Containing Sensitive Information

The software generates an error message that includes sensitive information about its environment, users, or associated data.

Products Associated with CVE-2026-1248

Want to know whenever a new CVE is published for IBM Business Automation Workflow Containers Traditional? stack.watch will email you.

Affected Versions

Version 25.0.1 is affected.

Version 25.0.0, <= 25.0.0 Interim Fix 003 is affected.

Version 24.0.1, <= 24.0.1 Interim Fix 006 is affected.

Version 24.0.0, <= 24.0.0 Interim Fix 008 is affected.

IBM BAW Containers Leak DB Structure in Error MessagesCVE-2026-1248 Published on May 27, 2026

Vulnerability Analysis

Weakness Type

Generation of Error Message Containing Sensitive Information

Products Associated with CVE-2026-1248

Affected Versions

IBM BAW Containers Leak DB Structure in Error Messages
CVE-2026-1248 Published on May 27, 2026