Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-36117

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.

Published

2025-07-23T15:15:31.867

Last Modified

2025-08-07T14:36:42.153

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-384

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	db2_mirror_for_i	7.4	Yes
Application	ibm	db2_mirror_for_i	7.5	Yes
Application	ibm	db2_mirror_for_i	7.6	Yes

References

https://www.ibm.com/support/pages/node/7240351 Vendor Advisory ([email protected])