6.5
CVE-2025-36092
- EPSS 0.08%
- Veröffentlicht 03.11.2025 15:15:43
- Zuletzt bearbeitet 05.11.2025 14:58:19
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Business Automation Insights improper input validation
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Update-
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_001
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_002
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_003
Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_004
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Update-
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_001
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_002
Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_004
Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Update-
Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Updateinterim_fix_001
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.233 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-1284 Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.