Description
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.
INFO
Published Date :
2025-06-18T16:06:18.983Z
Last Modified :
2025-08-24T11:50:08.864Z
Source :
ibm
AFFECTED PRODUCTS
The following products are affected by CVE-2025-36049 vulnerability.
| Vendors | Products |
|---|---|
| Apple |
|
| Ibm |
|
| Linux |
|
| Microsoft |
|
| Novell |
|
| Redhat |
|
| Softwareag |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2025-36049.
| URL | Resource |
|---|---|
| https://www.ibm.com/support/pages/node/7237146 |
|
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact