CVE-2025-1838

Summary

IBM Cloud Pak for Business Automation

24.0.0 and 24.0.1 through 24.0.1 IF001

Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service.

Affected Software

VendorProductVersion RangeStatus
IBMCloud Pak for Business Automation24.0.1 <= 24.0.1 IF001affected
IBMCloud Pak for Business Automation24.0.0 <= 24.0.0 IF004affected

Weaknesses

  • CWE-602: CWE-602 Client-Side Enforcement of Server-Side Security

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References