CVE-2025-36359

CVE-2025-36359CVE-2025-36359

Description

IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system.

Scoring

CVSS 8.1 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Last modified2026-06-30
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.