{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T03:21:25.166","vulnerabilities":[{"cve":{"id":"CVE-2025-1495","sourceIdentifier":"psirt@us.ibm.com","published":"2025-05-03T17:15:44.767","lastModified":"2025-08-14T01:52:35.270","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation."},{"lang":"es","value":"IBM Business Automation Workflow 24.0.0 y 24.0.1 a 24.0.1 IF001 Center puede filtrar información confidencial debido a la falta de validación de autorización."}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:*:*:*:traditional:*:*:*","matchCriteriaId":"97545315-79AD-4FFC-8275-DAD2C79908ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:-:*:*:containers:*:*:*","matchCriteriaId":"D5D9EC44-05CE-44FA-AFDE-A4FA326A54F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:24.0.1:interim_fix_001:*:*:containers:*:*:*","matchCriteriaId":"5A2BA712-EBF8-4111-A32E-43BDCE85E5E7"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7232434","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]}]}}]}