← Back to CVEs
CVE-2025-36016
MEDIUM6.8
Description
IBM Process Mining 2.0.1 IF001 and 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
CVE Details
CVSS v3.1 Score6.8
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionREQUIRED
Published6/21/2025
Last Modified8/21/2025
Sourcenvd
Honeypot Sightings0
Affected Products
ibm:process_mining
Weaknesses (CWE)
CWE-601
References
https://www.ibm.com/support/pages/node/7237502(psirt@us.ibm.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.