CVE-2025-36094 | THREATINT

Description

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length.

PUBLISHED Reserved 2025-04-15 | Published 2026-02-03 | Updated 2026-02-04 | Assigner ibm

MEDIUM: 5.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Problem types

CWE-1284 Improper Validation of Specified Quantity in Input

Product status

25.0.0 (semver)

affected

24.0.1 (semver)

affected

24.0.0 (semver)

affected

References

www.ibm.com/support/pages/node/7259318 vendor-advisory patch

cve.org (CVE-2025-36094)

nvd.nist.gov (CVE-2025-36094)

Download JSON