← back
CVE-2025-36093

security vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025.

CVSS 4.8 MEDIUMEPSS 0.2%CWE-602
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
03 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized actions using man in the middle techniques due to improper access controls.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected products
IBM · Cloud Pak For Business Automation

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.ibm.com/support/pages/node/7249999