cbcvebase.
CVE-2025-36157
published 2025-08-24

CVE-2025-36157: IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server…

PriorityP262critical9.1CVSS 3.1
AVNACLPRNUINSUCNIHAH
EPSS
0.50%
39.0th percentile
IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.

Affected

6 ranges
VendorProductVersion rangeFixed in
ibmengineering_lifecycle_management7.0.2 – 7.0.2 iFix035
ibmengineering_lifecycle_management7.0.3 – 7.0.3 iFix018
ibmengineering_lifecycle_management7.1.0 – 7.1.0 iFix004
ibmjazz_foundation
ibmjazz_foundation
ibmjazz_foundation
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.