{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T18:58:48.968","vulnerabilities":[{"cve":{"id":"CVE-2025-36023","sourceIdentifier":"psirt@us.ibm.com","published":"2025-08-08T15:15:28.087","lastModified":"2025-08-15T18:19:48.543","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002 could allow an authenticated user to view sensitive user and system information due to an indirect object reference through a user-controlled key."},{"lang":"es","value":"IBM Cloud Pak for Business Automation 24.0.0 a 24.0.0 IF005 y 24.0.1 a 24.0.1 IF002 podrían permitir que un usuario autenticado vea información confidencial del usuario y del sistema debido a una referencia de objeto indirecta a través de una clave controlada por el usuario."}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.0:-:*:*:*:*:*:*","matchCriteriaId":"EF879B84-21B0-4FD4-AD2E-7F29EBDD218A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.0:interim_fix_001:*:*:*:*:*:*","matchCriteriaId":"496D1A48-3403-471F-AD07-AEC7E5000AD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.0:interim_fix_004:*:*:*:*:*:*","matchCriteriaId":"D1810412-5987-4F53-A81E-096A4F0187B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.0:interim_fix_005:*:*:*:*:*:*","matchCriteriaId":"9CC01202-3D62-4544-BE9C-47300063896E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.1:-:*:*:*:*:*:*","matchCriteriaId":"F68528C5-034B-4B2C-8745-B969B14B52C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.1:interim_fix_001:*:*:*:*:*:*","matchCriteriaId":"EADE80E3-4E60-4154-A559-93E2325D799A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_pak_for_business_automation:24.0.1:interim_fix_002:*:*:*:*:*:*","matchCriteriaId":"D01FC35C-29F1-4D57-8804-07A5C1E9EA85"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7241570","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]}]}}]}