Server-Side Enforcement Flaw in IBM ApplinX 11.1
CVE-2025-36410

3.1LOW

Key Information:

Vendor: IBM
Status: Applinx
Vendor: CVE Published:; 20 January 2026

What is CVE-2025-36410?

A vulnerability in IBM ApplinX 11.1 potentially allows authenticated users to exploit server-side enforcement mechanisms, resulting in unauthorized administrative privileges. This flaw highlights the importance of robust security measures to ensure proper validation and authorization processes are in place to protect server integrity. Users are advised to apply available patches to mitigate these risks.

Affected Version(s)

ApplinX 11.1

References

https://www.ibm.com/support/pages/node/7257446

vendor-advisorypatch

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 20, 2026
Vulnerability Reserved
Apr 15, 2025

JSON