Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2025-36092

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.

Published: Nov 3, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-36092
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-1284

Affected Software
References

Software	From	Fixed in
ibm / cloud_pak_for_business_automation	24.0.0	24.0.0.x
ibm / cloud_pak_for_business_automation	24.0.0-interim_fix_001	24.0.0-interim_fix_001.x
ibm / cloud_pak_for_business_automation	24.0.0-interim_fix_002	24.0.0-interim_fix_002.x
ibm / cloud_pak_for_business_automation	24.0.0-interim_fix_003	24.0.0-interim_fix_003.x
ibm / cloud_pak_for_business_automation	24.0.0-interim_fix_004	24.0.0-interim_fix_004.x
ibm / cloud_pak_for_business_automation	24.0.1	24.0.1.x
ibm / cloud_pak_for_business_automation	24.0.1-interim_fix_001	24.0.1-interim_fix_001.x
ibm / cloud_pak_for_business_automation	24.0.1-interim_fix_002	24.0.1-interim_fix_002.x
ibm / cloud_pak_for_business_automation	24.0.1-interim_fix_004	24.0.1-interim_fix_004.x
ibm / cloud_pak_for_business_automation	25.0.0	25.0.0.x
ibm / cloud_pak_for_business_automation	25.0.0-interim_fix_001	25.0.0-interim_fix_001.x

https://www.ibm.com/support/pages/node/7249999

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo