Local Cache Exposure in IBM OpenPages 9.0 and 9.1
CVE-2025-36082

4MEDIUM

Key Information:

Vendor: IBM
Status: Openpages
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-36082?

IBM OpenPages versions 9.0 and 9.1 contain a vulnerability that allows web page cache to be stored locally, potentially enabling unauthorized users to read sensitive information. If not addressed, this issue can lead to exposure of private data shared across users on the same system. It is crucial for organizations using these versions to implement security measures and apply available patches to mitigate risk.

Affected Version(s)

OpenPages 9.0

OpenPages 9.1

References

https://www.ibm.com/support/pages/node/7244777

vendor-advisorypatch

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Apr 15, 2025