Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-36037

IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Published

2025-09-22T16:15:43.057

Last Modified

2025-10-03T19:12:49.423

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-918

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	webmethods_integration	10.15	Yes
Application	ibm	webmethods_integration	11.1	Yes

References

https://www.ibm.com/support/pages/node/7245758 Vendor Advisory ([email protected])