IBM Business Automation Insights unverified ownership_CVE-2025-36091

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Description

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.

Basic Information

ID CVE-2025-36091

Source ibm

Published Nov 3, 2025 at 15:14

Modified Nov 3, 2025 at 15:37

Affected Product

Vendor IBM

Product Cloud Pak For Business Automation

Version 25.0.0

Affected Versions IBM Cloud Pak For Business Automation 25.0.0
IBM Cloud Pak For Business Automation 24.0.1
IBM Cloud Pak For Business Automation 24.0.0

CWE Classification

CWE-283

References

www.ibm.com /support/pages/node/7249999

{
    "lastseen": "",
    "description": "IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.",
    "published": "2025-11-03T15:14:02.557Z",
    "modified": "2025-11-03T15:37:32.628Z",
    "type": "cve",
    "title": "IBM Business Automation Insights unverified ownership",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7249999",
    "id": "CVE-2025-36091",
    "bulletinFamily": "",
    "cwe": [
        "CWE-283"
    ],
    "cvelist": null,
    "sourceData": "IBM Cloud Pak For Business Automation 25.0.0\nIBM Cloud Pak For Business Automation 24.0.1\nIBM Cloud Pak For Business Automation 24.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Cloud Pak For Business Automation",
    "version": "25.0.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}