Home

Description

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.

PUBLISHED Reserved 2025-04-15 | Published 2025-11-03 | Updated 2025-11-03 | Assigner ibm




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-283 Unverified Ownership

Product status

25.0.0
affected

24.0.1
affected

24.0.0
affected

References

www.ibm.com/support/pages/node/7249999 vendor-advisory patch

cve.org (CVE-2025-36091)

nvd.nist.gov (CVE-2025-36091)

Download JSON