CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-1838: IBM Cloud Pak for Business Automation denial of service
6.5
CVSS
Description
IBM Cloud Pak for Business Automation
24.0.0 and 24.0.1 through 24.0.1 IF001
Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service.
Classification
CVE ID: CVE-2025-1838
CVSS Base Severity: MEDIUM
CVSS Base Score: 6.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Problem Types
CWE-602 Client-Side Enforcement of Server-Side SecurityAffected Products
Vendor: IBM
Product: Cloud Pak for Business Automation
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.06% (probability of being exploited)
EPSS Percentile: 18.34% (scored less or equal to compared to others)
EPSS Date: 2025-06-01 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-1838https://www.ibm.com/support/pages/node/7232429