Devops Plan
CVE-2025-36364
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system.
AnalysisAI
IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system. [CVSS 6.2 MEDIUM]
Technical ContextAI
Affects Devops Plan. IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system.
RemediationAI
Monitor vendor advisories for a patch.
More in Devops Plan
View allHTTP header injection in IBM DevOps Plan 3.0.0 through 3.0.6 allows unauthenticated remote attackers to inject arbitrary
Devops Plan versions up to 3.0.5 is affected by improper restriction of excessive authentication attempts (CVSS 5.9).
Share
External POC / Exploit Code
Leaving vuln.today