ITPAM CVE-2025-68161
search cancel

ITPAM CVE-2025-68161

book

Article ID: 434958

calendar_today

Updated On:

Products

CA Process Automation Base

Issue/Introduction

Is ITPAM affected by the CVE-2025-68161 vulnerability?

Environment

Process Automation (ITPAM) 4.4 CP04 and previous releases

Resolution

Even though ITPAM ships the vulnerable version of log4j library, please be aware the product is not exploitable as Process Automation doesn't use Socket Appender.

PAM 4.4 CP05 will have log4j 2.25.3. We still don't have an ETA for this patch as of now (April 2026)

Additional Information

CVE-2025-68161

EEM CVE-2025-6816

Service Catalog CVE-2025-68161

Service Management Administration CVE-2025-68161

Powered by Wolken Software