Information Exposure in IBM Security Verify Governance Identity Manager
CVE-2025-36003

7.5HIGH

Key Information:

Vendor: IBM
Status: Security Verify Governance Identity Manager
Vendor: CVE Published:; 28 August 2025

What is CVE-2025-36003?

IBM Security Verify Governance Identity Manager version 10.0.2 is subject to a vulnerability that could enable remote attackers to retrieve sensitive information. This occurs when the application generates detailed technical error messages, which may inadvertently disclose data that could be leveraged in subsequent attacks. To mitigate risks, users are advised to review the vendor advisory for updates and apply relevant patches.

Affected Version(s)

Security Verify Governance Identity Manager 10.0.2

References

https://www.ibm.com/support/pages/node/7243303

vendor-advisorypatch

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2025
Vulnerability Reserved
Apr 15, 2025