5.4
CVE-2025-36094
- EPSS 0.04%
- Veröffentlicht 03.02.2026 22:06:09
- Zuletzt bearbeitet 03.02.2026 23:16:05
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerIBM
≫
Produkt
Cloud Pak for Business Automation
Version <=
25.0.0 Interim Fix 002
Version
25.0.0
Status
affected
Version <=
24.0.1 Interim Fix 005
Version
24.0.1
Status
affected
Version <=
24.0.0 Interim Fix 007
Version
24.0.0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.128 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
|
CWE-1284 Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.