Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-36092

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.

Published

2025-11-03T16:15:34.600

Last Modified

2025-11-05T14:58:19.337

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-1284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	cloud_pak_for_business_automation	24.0.0	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.0	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.0	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.0	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.0	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.1	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.1	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.1	Yes
Application	ibm	cloud_pak_for_business_automation	24.0.1	Yes
Application	ibm	cloud_pak_for_business_automation	25.0.0	Yes
Application	ibm	cloud_pak_for_business_automation	25.0.0	Yes

References

https://www.ibm.com/support/pages/node/7249999 Vendor Advisory ([email protected])