IBM Support

Fix list for IBM Business Automation Workflow on Cloud - July 2025 Maintenance

Fix Readme


Abstract

The following document is a list of fixes, along with their descriptions, for the IBM Business Automation Workflow on Cloud July 2025 Maintenance. For older maintenance and other related documents, refer to the links in the Related Information section at the bottom of this document.

Content

The IBM Business Automation Workflow on Cloud service will be undergoing a regularly scheduled maintenance window for critical bug fixes and security updates.
 
This maintenance is being deployed by the Cloud Pak for Business Automation as a Service Site Reliability Engineering (SRE) team. The outage to the tenant production RUN environments will be intermittent and limited to 60 minutes or less during the first hour of the maintenance window.
 
WebSphere Application Server fixes for all Business Automation Workflow on Cloud tenants
WebSphere Application Server fixes for all Business Automation Workflow on Cloud tenants
Fix ID Fix Details Additional Pre-requisite Fixes
8.5.5.11-WS-WASBundledSDK8-LinuxX64-IFPH66499 

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the April 2025 CPU

 N/A
8.5.5.24-WS-WAS-IFPH66028

PH66028:IBM WebSphere Application Server affected by a cross-site scripting vulnerability (CVE-2025-33104 CVSS 4.4)
8.5.5.24-WS-WAS-IFPH65941

PH65941:IBM WebSphere Application Server is vulnerable to server-side request forgery (CVE-2025-27907 CVSS 4.1)

Business Automation Workflow fixes for v24.0.1.0 tenants

Back to top

Business Automation Workflow fixes for v24.0.0.0 tenants
Business Automation Workflow fixes for v23.0.2.0 tenants
Fix ID Fix Details Additional Pre-requisite Fixes
8.6.70024000-WS-BPM-IFDT439593 [DT439593] CVE-2025-33197 - Security vulnerability cross-site scripting - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT439782 [DT439782] Multiple security vulnerabilities affect swagger-ui - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT409117 [DT409117] BAI BPEL events arrive in Kafka but do not seem to be processed by the flink job properly so they do not show up in ES or BAI dashboard - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT419248 [DT419248] You see an error ''FNRPA0556E The deployed task type info object for the {GUID} task type was not found after solution deployment'' in the Case Activities client-side human services view - IBM Cloud Pak for Business Automation
8.6.70024000-WS-BPM-MultiOS-IFDT424601
 		 [DT424601] Vulnerabilities in repackaged IBM Content Navigator dependencies CVE-2024-38808, CVE-2024-31141 - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT437586 [DT437586] When using the Processes dashboard and clicking on a process instance, details from another instance are displayed - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT433330 [DT433330] Security vulnerabilities CVE-2024-57965, CVE-2025-27152 and CVE-2025-27789 affect Process Admin Console - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT433874 [DT433874] Blank editor property sheets after renaming an activity - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT424599 [DT424599] Outdated open-source library versions bundled with IBM Business Automation Workflow - IBM Business Automation Workflow
8.6.70024000-WS-BPM-IFDT425284 [DT425284]: CVE-2022-42920 Vulnerable Apache Commons BCEL library included in Business Automation Workflow related JAR files
8.6.70024000-WS-BPM-IFDT437853 [DT437853] User may observe slow performance when server starts after upgrading to BAW 23.0.2 or a later version - IBM Business Automation Workflow

Back to top

Business Automation Workflow fixes for v23.0.2 tenants

Business Automation Workflow fixes for v21.0.3.1 tenants
Business Automation Workflow fixes for v21.0.3.1 tenants
Fix ID Fix Details Additional Pre-requisite Fixes
8.6.30021031-WS-BPM-IFDT438042 [DT438042]: After installing DT398149 you are unable to open the Workflow Center console - Business Automation Workflow - IBM Business Automation Workflow Supersedes:  DT398149,DT378426
8.6.30021031-WS-BPM-IFDT425284 [DT425284]: CVE-2022-42920 Vulnerable Apache Commons BCEL library included in Business Automation Workflow related JAR files
8.6.30021031-WS-BPM-IFDT425285 [DT425285] CVE-2023-20861, CVE-2023-20863, CVE-2024-22243, CVE-2024-22262, CVE-2024-38809 in Spring Framework - IBM Business Automation Workflow Supersedes: DT208578,DT365552, DT397840 
8.6.30021031-WS-BPM-IFDT424599 [DT424599] Outdated open-source library versions bundled with IBM Business Automation Workflow - IBM Business Automation Workflow

Back to top


Note: Clear browser cache before signing in following the maintenance window.

[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSLRPC","label":"IBM Business Automation Workflow on Cloud"},"ARM Category":[{"code":"a8mKe000000GmaiIAC","label":"Maintenance"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
26 June 2025

UID

ibm17238144

Page Feedback