anonhaven
Ad

CVE-2025-36364

LOW CVSS 3.1: 3.3 EPSS 0.01%
Updated Mar 04, 2026
IBM
Parameter Value
CVSS 3.3 (LOW)
Affected Versions 3.0.0 — 3.0.6
Fixed In 3.0.6
Type CWE-525
Vendor IBM
Public PoC No

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system.

Attack Parameters

Attack Vector
Local
Нужен локальный доступ
Attack Complexity
Low
Легко эксплуатировать
Privileges Required
Low
Нужны базовые права
User Interaction
None
Не нужно действие пользователя

Impact Assessment

Confidentiality
Low
Частичная утечка данных
Integrity
None
Нет модификации данных
Availability
None
Нет нарушения работы

CVSS Vector v3.1

Weakness Type (CWE)

CWE-525

Vulnerable Products 1

ibm:devops_plan

Known Affected Software Configurations 1

Configuration From (including) Up to (excluding)
Ibm Devops_Plan
cpe:2.3:a:ibm:devops_plan:*:*:*:*:*:*:*:*
 3.0.0 3.0.6

References 1

https://www.ibm.com/support/pages/node/7261930
psirt@us.ibm.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2025-13688

IBM

8.8

CVE-2025-13687

IBM

8.8

CVE-2025-13686

IBM

8.8

CVE-2026-1265

IBM

5.3

CVE-2025-36363

IBM

7.5