CVE-2025-1139 MEDIUM

CVE-2025-1139: IBM Edge Application Manager incorrect permissions

Vendor Ibm
Product Edge Application Manager
Weakness CWE-732
Published August 20, 2025
Last update August 20, 2025

CVSS base score

6.1/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

What the vulnerability does

01Description

IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment.

Key dates

02Disclosure timeline

August 20, 2025 CVE published
August 20, 2025 Record updated