CVE-2025-3629 MEDIUM

CVE-2025-3629: IBM InfoSphere Information Server file manipulation

Vendor Ibm
Product InfoSphere Information Server
Weakness CWE-282
Published June 21, 2025
Last update August 24, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an authenticated user to delete another user's comments due to improper ownership management.

Key dates

02Disclosure timeline

June 21, 2025 CVE published
August 24, 2025 Record updated