What is the CVSS score of CVE-2025-3629?

CVE-2025-3629 has a CVSS 3.1 base score of 4.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. EPSS exploitation probability: 0.0%.

Which versions of Infosphere Information Server are affected by CVE-2025-3629?

CVE-2025-3629 presents moderate security risk rated CVSS 4.3. Exploitation could compromise the security of affected deployments.

How to fix or mitigate CVE-2025-3629?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Infosphere Information Server CVE-2025-3629

EUVD-2025-18810 MEDIUM

Improper Ownership Management (CWE-282)

2025-06-21 psirt@us.ibm.com

Information Disclosure IBM Infosphere Information Server

4.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 21:35 euvd

EUVD-2025-18810

Analysis Generated

Mar 15, 2026 - 21:35 vuln.today

CVE Published

Jun 21, 2025 - 13:15 nvd

MEDIUM 4.3

DescriptionNVD

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6

could allow an authenticated user to delete another user's comments due to improper ownership management.

AnalysisAI

CVE-2025-3629 is a security vulnerability (CVSS 4.3) that allows an authenticated user. Remediation should follow standard vulnerability management procedures.