CVE-2025-36003

HIGH

7.5

Description

IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system.

CVE Details

CVSS v3.1 Score7.5

SeverityHIGH

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published8/28/2025

Last Modified9/16/2025

Sourcenvd

Honeypot Sightings0

Affected Products

ibm:security_verify_governance

Weaknesses (CWE)

CWE-209

References

https://www.ibm.com/support/pages/node/7243303(psirt@us.ibm.com)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.