IBM Operational Decision Manager Vulnerabilities
Summary
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in IBM Operational Decision Manager. The vulnerabilities, with a base CVSS score of 7.4, allow attackers to bypass security measures and manipulate files. Affected versions include various interim fixes across multiple release lines.
What changed
CERT-Bund has published a security advisory (WID-SEC-2026-0871) detailing multiple vulnerabilities in IBM Operational Decision Manager. These vulnerabilities, rated with a high CVSS base score of 7.4, can be exploited by attackers to bypass security controls and manipulate files. The advisory lists specific interim fix versions of IBM Operational Decision Manager that are affected, spanning across versions 8.11.x, 8.12.x, 9.0.x, and 9.5.x, and notes that the issue impacts Linux, UNIX, and Windows operating systems.
Organizations utilizing the affected versions of IBM Operational Decision Manager should review the advisory and apply the necessary interim fixes or mitigations as soon as possible to prevent potential security breaches. The advisory indicates that remote attacks are possible and provides links to CVE information and version history for further details. While a specific compliance deadline is not stated, prompt action is recommended due to the severity of the vulnerabilities.
What to do next
- Review IBM Operational Decision Manager versions for applicability to advisory WID-SEC-2026-0871
- Apply relevant interim fixes or mitigations provided by IBM
- Assess potential impact of vulnerabilities on security controls and data integrity
Source document (simplified)
[WID-SEC-2026-0871] IBM Operational Decision Manager: Mehrere Schwachstellen CVSS Base Score 7.4 (hoch) CVSS Temporal Score 6.4 (mittel) Remoteangriff ja Datum 25.03.2026 Stand 26.03.2026 Mitigation ja
Betroffene Systeme
Betriebssystem
- Linux
- Sonstiges
- UNIX
- Windows
Produktbeschreibung
IBM Operational Decision Manager ist Software für die Integration von Geschäftsereignissen und Geschäftsregeln, um Entscheidungen über verschiedene Prozesse und Anwendungen hinweg zu automatisieren.
Produkte
25.03.2026
- IBM Operational Decision Manager <8.11.0.1 Interim fix 054
IBM Operational Decision Manager <8.11.1 Interim fix 053
IBM Operational Decision Manager <8.12.0.1 Interim fix 037
IBM Operational Decision Manager <9.0.0.1 Interim fix 022
IBM Operational Decision Manager <9.5.0.1 Interim fix 005
Angriff
Angriff
Ein Angreifer kann mehrere Schwachstellen in IBM Operational Decision Manager ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um Dateien zu manipulieren. CVE Informationen Versionshistorie Feedback zum Advisory geben
Related changes
Source
Classification
Who this affects
Taxonomy
Browse Categories
Get Data Privacy & Cybersecurity alerts
Weekly digest. AI-summarized, no noise.
Free. Unsubscribe anytime.
Get alerts for this source
We'll email you when CERT-Bund Security Advisories publishes new changes.