Improper Ownership Management in IBM InfoSphere Information Server
CVE-2025-3629

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Infosphere Information Server
Vendor: CVE Published:; 21 June 2025

What is CVE-2025-3629?

An issue within IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 allows an authenticated user to delete comments belonging to other users due to inadequate management of comment ownership. This vulnerability poses a risk by enabling unauthorized modifications to user-generated content, potentially undermining the integrity and trust in the platform's functionalities.

Affected Version(s)

InfoSphere Information Server 11.7.0.0 <= 11.7.1.6

References

https://www.ibm.com/support/pages/node/7235496

vendor-advisory

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 21, 2025
Vulnerability Reserved
Apr 15, 2025