4.3
CVE-2025-36091
- EPSS 0.04%
- Veröffentlicht 03.11.2025 15:14:02
- Zuletzt bearbeitet 05.11.2025 14:51:51
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Business Automation Insights unverified ownership
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Update-
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_001
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_002
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_003
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_004
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Update-
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_001
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_002
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_004
Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Update-
Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Updateinterim_fix_001
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.106 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
CWE-283 Unverified Ownership
The product does not properly verify that a critical resource is owned by the proper entity.