IBM Jazz Foundation incorrect authorization_CVE-2025-36157

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.

Basic Information

ID CVE-2025-36157

Source ibm

Published Aug 24, 2025 at 01:14

Affected Product

Vendor IBM

Product Jazz Foundation

Version 7.0.2

Affected Versions IBM Jazz Foundation 7.0.2
IBM Jazz Foundation 7.0.3
IBM Jazz Foundation 7.1.0

CWE Classification

CWE-863

References

www.ibm.com /support/pages/node/7242925

{
    "lastseen": "",
    "description": "IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.",
    "published": "2025-08-24T01:14:41.359Z",
    "modified": "2025-08-24T01:14:41.359Z",
    "type": "cve",
    "title": "IBM Jazz Foundation incorrect authorization",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7242925",
    "id": "CVE-2025-36157",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "IBM Jazz Foundation 7.0.2\nIBM Jazz Foundation 7.0.3\nIBM Jazz Foundation 7.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Jazz Foundation",
    "version": "7.0.2",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}