CVE-2025-36092

Summary

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.

Affected Software

VendorProductVersion RangeStatus
IBMCloud Pak For Business Automation25.0.0affected
IBMCloud Pak For Business Automation24.0.1affected
IBMCloud Pak For Business Automation24.0.0affected

Weaknesses

  • CWE-1284: CWE-1284 Improper Validation of Specified Quantity in Input

Workarounds

Workarounds and Mitigations None.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References