CVE-2025-36094

EPSS 0.07%
Veröffentlicht 03.02.2026 22:06:09
Zuletzt bearbeitet 25.02.2026 18:52:22
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026.

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 11 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Update-

Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_001

Ibm ≫ Cloud Pak For Business Automation Version24.0.0 Updateinterim_fix_002

Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Update-

Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_001

Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_002

Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_004

Ibm ≫ Cloud Pak For Business Automation Version24.0.1 Updateinterim_fix_005

Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Update-

Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Updateinterim_fix_001

Ibm ≫ Cloud Pak For Business Automation Version25.0.0 Updateinterim_fix_002

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.218

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
psirt@us.ibm.com	5.4	2.8	2.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://www.ibm.com/support/pages/node/7259318

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-36094

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-36094

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-36094

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-36094