IBM Jazz Foundation path traversal_CVE-2025-25048

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Description

IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory.

Basic Information

ID CVE-2025-25048

Source ibm

Published Sep 4, 2025 at 15:06

Modified Sep 4, 2025 at 15:16

Affected Product

Vendor IBM

Product Jazz Foundation

Version 7.0.2

Affected Versions IBM Jazz Foundation 7.0.2
IBM Jazz Foundation 7.0.3
IBM Jazz Foundation 7.1.0

CWE Classification

CWE-23

References

www.ibm.com /support/pages/node/7244014

{
    "lastseen": "",
    "description": "IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory.",
    "published": "2025-09-04T15:06:15.076Z",
    "modified": "2025-09-04T15:16:08.257Z",
    "type": "cve",
    "title": "IBM Jazz Foundation path traversal",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7244014",
    "id": "CVE-2025-25048",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "IBM Jazz Foundation 7.0.2\nIBM Jazz Foundation 7.0.3\nIBM Jazz Foundation 7.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Jazz Foundation",
    "version": "7.0.2",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}