Zurück zur CVE-Übersicht
CVE-2025-36359
HIGH(8.1)CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Risk Signal Score25/100 — MITTEL
- CVSS 8.1 — Hoch
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
8.1
Technische Schwere
Beschreibung
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system.