Home

Description

IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.

PUBLISHED Reserved 2025-04-15 | Published 2025-08-24 | Updated 2025-08-26 | Assigner ibm




CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-863 Incorrect Authorization

Product status

Default status
unaffected

7.0.2
affected

7.0.3
affected

7.1.0
affected

References

www.ibm.com/support/pages/node/7242925 vendor-advisory patch

cve.org (CVE-2025-36157)

nvd.nist.gov (CVE-2025-36157)

Download JSON