FKIE_CVE-2025-15395
Vulnerability from fkie_nvd - Published: 2026-02-02 16:16 - Updated: 2026-02-11 20:34
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/7258304 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.0.3 | |
| ibm | jazz_foundation | 7.1.0 | |
| ibm | jazz_foundation | 7.1.0 | |
| ibm | jazz_foundation | 7.1.0 | |
| ibm | jazz_foundation | 7.1.0 | |
| ibm | jazz_foundation | 7.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:-:*:*:*:*:*:*",
"matchCriteriaId": "E7BEB914-06D8-4F0B-89C8-DFFF89B432F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix001:*:*:*:*:*:*",
"matchCriteriaId": "FF01D2AF-8FCB-49FB-BD5F-17877F7731F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix002:*:*:*:*:*:*",
"matchCriteriaId": "B766EDB8-4115-4682-B1AD-57C99107A195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix003:*:*:*:*:*:*",
"matchCriteriaId": "9AB07BE6-C24B-4D7A-B906-2268BAF742CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix004:*:*:*:*:*:*",
"matchCriteriaId": "C405EE5A-4320-4960-B430-00AFCF540089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix005:*:*:*:*:*:*",
"matchCriteriaId": "CE6616C0-F434-4189-AF6E-07AB0E04626F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix006:*:*:*:*:*:*",
"matchCriteriaId": "854B0828-F782-4F8E-9970-AA7BF2A4F0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix007:*:*:*:*:*:*",
"matchCriteriaId": "76F5529B-09C3-4B3D-B670-978EDE39F086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix008:*:*:*:*:*:*",
"matchCriteriaId": "E2FD2D5C-2BF9-4558-B794-A2CEC3E13E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix009:*:*:*:*:*:*",
"matchCriteriaId": "71F966A3-4D5A-4870-91A0-F7BE6AEECDFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix010:*:*:*:*:*:*",
"matchCriteriaId": "32BB09AF-ED78-4FFB-8313-AC527250CE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix011:*:*:*:*:*:*",
"matchCriteriaId": "01E9BCE0-684F-4624-BD4C-2A90E160C63D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix012:*:*:*:*:*:*",
"matchCriteriaId": "62031B5D-C2BE-433B-89D4-9CEB013E0402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix013:*:*:*:*:*:*",
"matchCriteriaId": "86F6DF11-AC1B-4B9C-89B0-C5930775AC95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix014:*:*:*:*:*:*",
"matchCriteriaId": "4AA16E96-2467-4542-991A-C38906494A7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix015:*:*:*:*:*:*",
"matchCriteriaId": "9F7B38A2-AB25-4FFB-BC2F-6D29BCD57C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix016:*:*:*:*:*:*",
"matchCriteriaId": "C6249D2A-8564-415F-BF39-887C6B1D3679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix017:*:*:*:*:*:*",
"matchCriteriaId": "1CA1754B-4021-486A-8700-C725098EF3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix018:*:*:*:*:*:*",
"matchCriteriaId": "1DAB4860-8F6E-4066-A56F-67CBE40185EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "53EA48FB-EA3A-4111-AAAF-F7053DBEEEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix001:*:*:*:*:*:*",
"matchCriteriaId": "5BD93D68-30C9-4E29-8295-AC0121F2EFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix002:*:*:*:*:*:*",
"matchCriteriaId": "979A3BCA-1EDD-4020-918B-BBEBB6F7EFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix003:*:*:*:*:*:*",
"matchCriteriaId": "A32F602D-AE6E-4120-9E24-BD18989FB80C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix004:*:*:*:*:*:*",
"matchCriteriaId": "5D3BC640-5946-4349-8E62-6C2D4AF03ADC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz Foundation\u00a07.0.3 through\u00a07.0.3 iFix019 and\u00a07.1.0 through\u00a07.1.0 iFix005\u00a0is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability."
},
{
"lang": "es",
"value": "IBM Jazz Foundation 7.0.3 hasta 7.0.3 iFix019 y 7.1.0 hasta 7.1.0 iFix005 es vulnerable a violaciones de control de acceso que permite a los usuarios ver o acceder/realizar acciones m\u00e1s all\u00e1 de su capacidad esperada."
}
],
"id": "CVE-2025-15395",
"lastModified": "2026-02-11T20:34:53.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-02-02T16:16:18.187",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/7258304"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "psirt@us.ibm.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…