Cache Exposure Flaw in IBM DevOps Product
CVE-2025-36364

6.2MEDIUM

Key Information:

Vendor: IBM
Status: Devops Plan
Vendor: CVE Published:; 3 March 2026

What is CVE-2025-36364?

IBM DevOps Plan versions 3.0.0 to 3.0.5 are susceptible to a vulnerability that permits the storage of web page cache locally on the user’s system. This cache can inadvertently be accessed by other users operating on the same system, leading to potential data leakage. This flaw underscores the importance of proper cache management and user access controls within enterprise environments.

Affected Version(s)

DevOps Plan 3.0.0 <= 3.0.5

References

https://www.ibm.com/support/pages/node/7261930

vendor-advisorypatch

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 3, 2026
Vulnerability Reserved
Apr 15, 2025

CVE-2025-36364 Data

JSON