CVE-2025-36351

Summary

IBM License Metric Tool 9.2.0 through 9.2.40

could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions.

Affected Software

VendorProductVersion RangeStatus
IBMLicense Metric Tool9.2.0 <= 9.2.40affected

Weaknesses

  • CWE-284: CWE-284 Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References