CVE-2025-36091
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Cloud Pak For Business Automation | 25.0.0 | affected |
| IBM | Cloud Pak For Business Automation | 24.0.1 | affected |
| IBM | Cloud Pak For Business Automation | 24.0.0 | affected |
Weaknesses
- CWE-283: CWE-283 Unverified Ownership
Workarounds
Workarounds and Mitigations None.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.