7.5
CVE-2025-36003
- EPSS 0.07%
- Veröffentlicht 28.08.2025 02:07:51
- Zuletzt bearbeitet 16.09.2025 16:41:58
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Security Verify Governance Identity Manager information disclosure
IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Security Verify Governance Version10.0.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.205 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| psirt@us.ibm.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.